A container of three concept
1. Mirror 2. equivalent of playing off container, independent space 3. warehouse
Two concepts: Due to the implementation of isolation on a physical machine, start the container and start the process as fast
Three core technologies:
1.Cgroups (Control Groups) - Resource Management: Control how much memory the most used, cpu, to limit the use of resources
2.NameSpace- namespace division basis (all resources drive system) in the total space on the independent space, something spacer 6 as follows:
1. The host name (a terminal to change the host name, all other terminals open can see to turn over the host name) - the vessel can not see
2. Network namespaces (the time when a terminal changed ip address, with the rest of the terminal board does not go up the original ip) - container changed ip
3. File System namespace (chroot to change the root directory path)
4. The process namespace (pstree perform several processes) can only see their own process, other processes can not see
The namespace signal vector (such as kill -l signal 64, will send a response signal process)
6. User Quarantine (different namespaces, there are different users)
3.Selinux security
Three .Docker concept
1 is a complete container management system
2.docker provides a set of commands, allowing users to more easily use direct
3. Advantages: compared to traditional virtualization technology, more simple and efficient container, the container does not require a virtual machine operating system (linux drawback is not compatible with windows), container and use shared public library program
Disadvantages: 1. isolation line is not strong virtualization (a change all all changed)
2. Public linux kernel, security, birth defects
3.Selinux difficult to control
4. Monitoring container and container troubleshooting challenge
IV. Installation docker
1. Installation preparation:
It requires a 64-bit operating system
At least above RHEL6.5 version, it is strongly recommended RHEL7
Turn off the firewall (must)
2. Configure yum source (create two virtual machines docker1, docker2)
1.docker package is located below the disc RHEL-extras.iso
2. Create a physical machine in the ftp directory folder extras
mkdir /var/ftp/extras
3. mount the CD in this directory
Extras RHEL-Mount / var / FTP / Extras
DF -H check
4. Installation docker
yum -y install docker (35 packets)
systemctl restart docker
systemctl enable docker
V. Mirror
1. In the docker container based mirroring is activated
2. Mirror is the start of the core container
3. mirroring is enabled hierarchical design
4. Use cow snapshot technology, ensure that the underlying data is not lost
5. docker images to view mirror
6. official website: (URL download mirrors on hub.docker.com)
7. The command line search mirror: docker search keywords (such as nginx)
]#docker search busybox
] #Docker pull docker.io/busybox (this is the official, most downloads)
VI. Download upload image
]#docker help pull
]#docker pull [options] name[:tag| @digest]
] #Docker pull docker.io/busybox Download Mirror
] #Docker push docker.io/busybox upload image
Packaged mirror
docker save name (repository): label (tag) -o filename
docker1]#docker save docker.io/busybox:latest -o busybox.tar
docker1]#scp busybox.tar [email protected]:/root
docker2]#ls
docker2]# docker images
docker2]#docker load -i busybox.tar
docker2]#docker images
Run container:
docker run -it docker.io/busybox:latest / bin / sh # / bin / sh command to start, if you do not write it as the default startup command
/ # Ps -ef process isolation
/ # Hostname hostname isolation
/ # Ifconfig network isolation
/ # Ls / file system isolation
/ # Cat / etc / passwd user isolation
/ # Signal vector Namespace Isolation
Mirroring commonly used commands
1.docker history making history view mirror
]#docker history docker.io/redis:latest
2.docker inspect view the underlying details
]#docker inspect docker.io/redis:latest
Env Environment Variables
Cmd Start command
3.docker images view mirror list
4.docker pull Mirror Download
] #Docker pull docker.io/busybox Download Mirror
5.docker push upload image
] #Docker push docker.io/busybox upload image
6.docker rmi delete a local mirror
]#docker rmi docker.io/centos
7.docker save image save as tar package
]#docker save docker.io/busybox:latest -o busybox.tar
8.docker load using tar package into the mirror
]#docker load -i busybox.tar
9.docker search image search
10.docker tag and modify the image name tags
] #Docker tag docker.io/centos:latest cen: v1 will docker.io/centos:latest changed cen: v1
Container commonly used commands:
containers docker run run
docker ps View a list of container
docker stop closed container
containers docker start start
docker restart to restart the container
docker attach | exec into the container
docker inspect the vessel to view the underlying information
docker top view of the container process list
docker rm delete container