[DevOps] Docker containers and their common commands

1.Container

The ecosystem of container technology covers various issues involved in the IaaS layer and PaaS layer from bottom to top, including resource scheduling, orchestration, deployment, monitoring, configuration management, storage network management, security, containerized application support platform, etc. In addition to solving the classic problems that cannot be avoided when building a distributed platform based on container technology, container technology mainly brings the following benefits.

• Continuous deployment and testing . Containers eliminate the differences between online and offline environments and ensure environmental consistency and standardization of the application life cycle. Developers use images to build standard development environments. After development is completed, they are migrated through images that encapsulate the complete environment and applications. As a result, testing and operation and maintenance personnel can directly deploy software images for testing and release, which greatly simplifies continuous integration. , testing and release process.

• Cross-cloud platform support . One of the biggest benefits of containers is their adaptability. More and more cloud platforms support containers. Users no longer need to worry about being tied to cloud platforms, and it also makes hybrid deployment of applications across multiple platforms possible. IaaS cloud platforms that currently support containers include, but are not limited to, Amazon Cloud Platform (AWS), Google Cloud Platform (GCP), Microsoft Cloud Platform (Azure),OpenStacketc., as well asconfiguration management toolsChef,Puppet,Ansible

• Environment standardization and version control . Based on the environmental consistency and standardization provided by containers, you can use tools such as Git to perform version control on container images. Compared with code-based version control, you can also implement version control on the entire application running environment. Once a failure occurs, you can quickly rollback. Compared with previous virtual machine images, container compression and backup are faster, and image startup is as fast as starting an ordinary process.

• High resource utilization and isolation . Containers do not have the additional overhead of a hypervisor and share the operating system with the underlying layer, resulting in better performance and lower system load. They can run more application instances under the same conditions and make fuller use of system resources. At the same time, containers have good resource isolation and restriction capabilities, and can accurately allocate CPU, memory and other resources to applications, ensuring that applications will not affect each other.

• Container cross-platform and mirroring . Although Linux containers have existed as early as the Linux 2.6 kernel, they lack the cross-platform nature of containers and are difficult to promote. Containers are a bold innovation based on the original Linux containers, setting up a set of standardized configuration methods for containers, packaging applications and their dependent operating environments into images, truly realizing the concept of building once and running anywhere, which greatly improves Containers are cross-platform.

• Easy to understand and easy to use . The original meaning of Docker in English is a dock worker who handles containers. The symbol is a whale transporting a large number of containers. A container is a container. It is vivid, easy to remember, and easy to understand. A developer can get started with Docker and install and deploy it in 15 minutes. This is a leap forward in the history of container use. Because of its ease of use, more people are paying attention to container technology, accelerating the pace of container standardization.

• Application mirror warehouse . Docker has officially built a mirror warehouse with an organization and management format similar to GitHub, on which thousands of mirrors have been accumulated. Because of Docker's cross-platform adaptability, it is equivalent to providing users with a very useful application store. Everyone can freely download microservice components, which provides great convenience to developers.

2.Docker common commands

When users use Docker, they need to use the Docker command line tool to establish communication dockerwith Docker daemon. Docker daemonIt is the Docker daemon process, responsible for receiving and distributing and executing Docker commands.

It is worth mentioning that dockerthe execution of commands generally requires rootpermissions, because Docker's command line tool dockerand Docker daemonare the same binary file, and is Docker daemonresponsible for receiving and executing dockercommands from, and its operation requires rootpermissions.

Before interpreting the commands, classify them according to their purpose to help everyone master dockerthe commands as quickly as possible.

Subcommand classification	child command
Docker environment information	info、version
Container lifecycle management	create、exec、kill、pause、 restart、rm、run、start、stop、 unpause
Mirror warehouse command	login、logout、pull、push、search
Image management	build、images、import、load、rmi、save、tag、commit
Container operation and maintenance operations	attach、export、inspect、port、ps、rename、stats、top、wait、cp、diff、update
Container resource management	volume、network
System log information	events、history、logs

Starting from dockerthe command usage, we sort out the command structure diagram as shown in the figure below.

2.1 Docker environment information

docker infoThe command is used to check whether Docker is installed correctly. If Docker is installed correctly, this command will output Docker's configuration information.

docker infoThe command is generally docker versionused in conjunction with the command. The combination of the two can extract sufficiently detailed Docker environment information.

$ sudo docker info

$ sudo docker version

2.2 Container life cycle management

Container life cycle management involves functions such as starting and stopping containers. Below are some examples of the most commonly used commands and the // commands responsible docker runfor starting and stopping .docker startstoprestart

2.2.1 docker run

docker run [OPTIONS] IMAGE [COMMAND] [ARG...]

docker runCommands are used to create a container based on a specific image and control the container based on options.

$ sudo docker run ubuntu echo "Hello World"
Hello World

This is docker runthe most basic way to use the command. This command ubuntustarts a container from the image and executes echothe command to print out "Hello World". After executing echothe command, the container will stop running. docker runThe container started by the command will be randomly assigned a container ID ( CONTAINER ID) to identify the container.

When selecting an image to start a container, you can add after the image name tagto distinguish images with the same name, such as ubuntu:latest, ubuntu:13.04, ubuntu:14.04. If the user does not specify a specific image when selecting an image to start a container tag, Docker will select the image tagof by default latest.

$ sudo docker run -i -t --name mytest ubuntu:latest /bin/bash
root@83b752d52f3f:/#

In the above example, docker runthe command starts a container and assigns it a pseudo terminal to execute /bin/bashthe command. The user can interact with the container in the pseudo terminal. in:

• -iThe option means to use interactive mode and always keep the input stream open;
• -tThe option means to allocate a pseudo-terminal. Generally, when the two parameters are combined -it, you can use the open pseudo-terminal to perform interactive operations in the container;
• --nameThe option can specify docker runthe name of the container started by the command. Without this option, Docker will randomly assign a name to the container.

The usage of other docker runoptions can be found in the official documentation.

2.2.2 docker start / stop / restart

docker runThe command can create a new container to run, and for existing containers, you can use the // docker startcommand to start, stop and restart.stoprestart

When using docker runthe command to create a new container, Docker will automatically assign a unique ID to each new container as an identification. docker start// The command generally uses the container ID to identify the stopspecific restartcontainer. In some cases, the container name is also used to identify the container.

2.3 Mirror warehouse command

Docker registryIt is a warehouse that stores container images. Users can communicate Docker clientwith Docker registryto complete image search, download, upload and other related operations. DockerHub is a mirror warehouse provided by Docker on the Internet. It provides public and private storage services for mirrors. It is the main mirror source for users. In addition to Docker Hub, users can also build their own private servers to implement the mirror warehouse function. Below are some examples of the most commonly used docker pulland pushcommands.

2.3.1 docker pull

docker pullcommand is a common command in Docker, mainly used to pull Docker registryfrom imageor repository. There are many ready-to-use image resources in the official Docker repository Docker Hub, which docker pullcan be effectively used through commands. This also reflects the feature of Docker that compiles once and runs anywhere. At the same time, when the image is pulled locally, users can make their own changes based on the existing image, which also greatly speeds up the application development process.

docker pull [OPTIONS] NAME[:TAG @DIGEST]

When using docker pullthe command, you can obtain image resources from the official image library in the official Docker Hub, other public libraries, and private libraries. At the same time, you can also obtain image resources from private servers. Just add the user name, specific library name or server address before the specific image name to obtain the image. Usage examples are as follows:

#从官方Hub拉取ubuntu：latest镜像
$ sudo docker pull ubuntu
#从官方Hub拉取指明“ubuntu 12.04”tag的镜像
$ sudo docker pull ubuntu:ubuntu12.04
#从特定的仓库拉取ubuntu镜像
$ sudo docker pull SEL/ubuntu
#从其他服务器拉取镜像
$ sudo docker pull 10.10.103.215:5000/sshd

2.3.2 docker push

docker pullThe command corresponding to the command docker pushcan push the local imageor repositoryto the public or private image library of Docker Hub, as well as the private server.

docker push [OPTIONS] NAME[:TAG]

$ sudo docker images

2.4 Image management

2.4.1 docker images

docker imagesYou can use the command to list the images on the host. By default, only the top-level image is listed. You can use the -aoption to display all images.

docker images [OPTIONS] [REPOSITORY[:TAG]]

In the above example, the REPOSITORY attribute can be used to determine whether the image comes from an official image, a private repository, or a private server.

2.4.2 docker rmi / rm

The functions of these two subcommands are deletion, docker rmithe command is used to delete the image , and docker rmthe command is used to delete the container . They can delete multiple images or containers at the same time, or delete them based on conditions.

docker rm [OPTIONS] CONTAINER [CONTAINER...]

docker rmi [OPTIONS] IMAGE [IMAGE...]

It should be noted that rmiwhen using the command to delete an image, if there is already a container started based on the image, it cannot be deleted directly. The container needs to be deleted first. Of course, both subcommands provide -foptions to force the deletion of existing container images or starting containers.

2.5 Container operation and maintenance operations

2.5.1 docker attach

docker attachCommands are useful for developers to connect to a running container, observe the container's operation, or interact with the container's main process.

docker attach [OPTIONS] CONTAINER

2.5.2 docker inspect

docker inspectThe command can view detailed information about images and containers. By default, all information will be listed. You can --formatspecify the output template format through parameters to output specific information.

docker inspect [OPTIONS] CONTAINER|IMAGE [CONTAINER|IMAGE...]

For example:

#查看容器的内部IP
$ sudo docker inspect --format='{
    
    {.NetworkSettings.IPAddress}}' ee36
172.17.0.8

2.5.3 docker ps

docker psThe command can view container-related information. By default, only information about running containers is displayed . The information that can be viewed includes CONTAINER ID, NAMES, IMAGE, STATUS, execution after the container is started COMMAND, creation time CREATEDand bound opened ports PORTS. docker psThe most commonly used function of the command is to view the container CONTAINER IDin order to operate a specific container.

2.6 Other subcommands

In addition to the above commands, Docker also has a series of very useful subcommands, such as commitcommands to solidify containers into images. The following are examples of some of the more commonly used subcommands.

2.6.1 docker commit

commitThe command can solidify a container into a new image. When a specific image needs to be made, the container configuration will be modified, such as installing specific tools in the container, etc. commitThese modifications can be saved through the command so that they will not be lost when the container is stopped.

docker commit [OPTIONS] CONTAINER [REPOSITORY[:TAG]]

When submitting and saving, you can only use running containers (that is, docker pscontainers that can be viewed) to create new images. When making a specific image, using committhe command directly is only a temporary auxiliary command and is not recommended. The official recommendation is to create and manage images through docker builda combination of commands Dockerfile.

2.6.2 docker events / history / logs

events, historyand logsThese three commands are used to view Docker’s system log information.

• eventsThe command will print out real-time system events.
• historyThe command will print out the historical version information of the specified image, that is, the command record of each layer of the image to build the image.
• logsThe command will print out the running log of the process in the container.

docker events [OPTIONS]
docker history [OPTIONS] IMAGE
docker logs [OPTIONS] CONTAINER

---

For the operation of Docker, we should combine more case operations for in-depth study and understanding, and do more exercises to lay a solid foundation. At the same time, an in-depth understanding of the core principles of Docker is helpful for mastering the use of Docker.