Docker is one for the development, delivery and open platform for running applications. Docker enables you to separate applications and infrastructure that can quickly deliver software. With Docker, in the same way that you can manage applications to manage the infrastructure. By using the method to quickly deliver Docker, testing and deployment of code, you can greatly reduce the delay between writing code and running in a production environment code.
Docker platform
Providing loose Docker isolated environment (referred to as a container) to package and run the application functionality. Isolation and security so that you can run multiple containers simultaneously on a given host. Container is very light, because they do not need to load additional management procedures, but runs directly in the kernel host. This means that compared to using a virtual machine, you can run more containers on a given hardware combinations. You can even run Docker containers is actually a virtual machine host!
Docker provides tools and platforms to manage the life cycle of container:
- Use container to develop the application and its supporting components.
- Container distribution and become a unit test application.
- When ready, the application can be used as a container or service orchestrated deployment to a production environment. Whether your production environment is the local data center, hybrid cloud provider, or both, they are the same.
Docker engine
Docker engine is a client - server applications, has the following main components:
- The server is running a long-term program, called daemons (dockerd command).
- REST API, which specifies a number of interfaces, the program can be used to communicate with and instruct their daemon operation.
- The client command line interface (CLI) (docker command).
CLI use Docker Docker REST API control daemon or interact with Docker daemon, through a script or directly through the CLI commands. Docker many other applications use the underlying API and CLI.
Daemon create and manage Docker objects, such as mirrors, containers, and network volumes.
Note: Docker open source license to Apache 2.0 license.
Docker can do?
Quickly and consistently deliver your application
Docker simplifies the development process and allows developers to use a standardized environment, applications and services into the local container work. Container is ideal for continuous integration and continuous delivery (CI / CD) workflow.
Consider the following example scenario:
- Developers write code locally, and use the Docker containers to share their work with colleagues.
- They use Docker their applications pushed to a test environment, and perform automatic and manual testing.
- When developers errors are found, they can be repaired in the development environment, and then re-deployed to the test environment for testing and verification.
- After the test is completed, the updated image simply pushed to the production environment.
In response to expansion and deployment
Docker container based workload platform allows highly portable. Docker containers can be, the data center physical or virtual machine, on a cloud provider or mixed environments running on the local laptop developers.
Portability and lightweight properties Docker also allows you to easily manage dynamic workloads, and instructs scalable applications and services based on business needs, almost in real time.
Run more workloads on the same hardware
Docker lightweight and fast. It is based on a virtual machine hypervisor, and a cost-effective alternative, you can use more computing power to achieve business goals. Docker is ideal for high-density environments as well as small to medium deployments, and you need to use fewer resources to do more things.
Docker architecture
Docker using a client - server architecture. Docker Docker between the client and the daemon can communicate with each other, daemon to complete the construction, operation and distribution Docker containers heavy work. Docker client and the daemon can run on the same system can also be connected to a remote Docker Docker client daemon. Docker client and Daemon REST API used to communicate on a UNIX socket or a network interface.
background program
Docker daemon ( dockerd) request and the API listens Docker Docker managed objects, for example a mirror, a container, and the network volume. Daemon also other programs can communicate with back-end services to manage Docker.
Docker client
Docker client ( docker) is the main way Docker Docker interaction with the user. When you use such docker runa command and the like, the client will be sent to these commands dockerdand then execute them. dockerCommand Docker API. Docker client can communicate with a plurality daemon.
Docker registry
Docker Docker image storage registry. Docker Hub is a public registry anyone can use, and by default, Docker has been configured to look in the mirror Docker Hub. You can even run their own private registration center. If Docker Data Center (DDC), which comprises the Docker trusted registry (DTR).
Use docker pullor docker runcommand, registry configuration from the desired mirror pulling. Use docker pushcommand, the mirror will push registry configuration.
Docker Object
When using Docker, you are creating and using a mirror, container, network, volume, plug-ins and other objects. This section is a brief overview of some of the objects.
Mirroring
Mirroring is a read-only template, which contains instructions to create Docker container. Typically, a mirror image on the other, and some customization. For example, you can build the image based on ubuntu and install the Apache Web server and your application, and configuration information needed to run the application.
You can create your own image, you can also use the mirror someone else posted in the registry. To build your own image, you can use a simple syntax to create a Dockerfile, definition of steps required to create a mirror image. Each instruction Dockerfile creates a layer image. When you change Dockerfile and rebuild the image reconstruction only those layers that have changed. Compared to other virtualization technologies, which is the mirror image so lightweight, small and fast part of the reason.
container
The container is a running instance may be mirrored. You can create use Docker API or CLI, start, stop, move or delete containers. You can container is connected to one or more network-attached storage, or even create a new image based on its current state.
By default, the degree of isolation between the container and other containers and the host is relatively high. You can control the network vessel, the degree of isolation between the subsystem and the underlying storage or other hosts or other container.
Create or configure the container when activated by the definitions provided in the mirror as well. After you remove the container, the state is not stored in persistent storage changes will disappear.
docker run Command Example
Run the following commands ubuntu container, and interactively command line attached to the local session, then run /bin/bash.
$ docker run -i -t ubuntu /bin/bash
When you run this command, the following happens (assuming that you are using the default registry configuration):
-
If no local ubuntu mirror, the Docker will pull its configuration from the registry, equivalent to manually run
docker pull ubuntu. -
Docker create a new container, equivalent to manually run the
docker container createcommand. -
Docker a read-write file system assigned to the container, as the last layer. This allows the operation of the vessel create or modify files and directories in its local file system.
-
Docker created a network interface to connect the container to the default network, because you do not specify any network options. By default, the container may be connected to an external network using the host network.
-
Docker container and start the execution
/bin/bash. Because the container is interactive operation, and has been attached to your terminal (due-iand-tnumerals), you can use the keyboard to enter commands. -
When you enter
exitterminate/bin/bashcommand, the vessel will stop but will not be deleted. You can restart or delete it.
service
You can extend the service container between multiple daemons, the daemons work together to form a swarm cluster, including multiple management end and a working end. Each member of the swarm cluster are Docker daemon, and all background programs use Docker API to communicate. Service allows you to define the desired state, for example, the number must be available at any given time service copy. By default, this service load balancing among all working nodes. For consumers, Docker service is like a separate application. Docker Engine supports the swarm cluster mode on Docker 1.12 and later.
The underlying implementation
Docker with Go write and use multiple functions of the Linux kernel to achieve its function.
Command space ( namespace)
Docker uses a technique called a namespace to provide isolation of the work area called containers. When you run the container, Docker creates a set of namespaces for the container.
The namespace provides a layer of isolation. All aspects of the container are run in a separate namespace, and access to it is limited to the namespace.
Docker Engine uses the following namespaces on Linux:
pidNamespace: Process Isolation (PID: Process ID). netNamespace: management network interface (NET: Network). ipcNamespace: managing access to resources of IPC (IPC: Inter-process communication). mntNamespace: manages the file system mount points (MNT: Mount). utsNamespace: isolation and kernel version identifier. (UTS: Unix time-sharing system).
Control groups (Control groups)
Docker engine on Linux also depends on the other is called the control group ( cgroupstechnology). cgroup limit the application on a specific set of resources. Docker control allows the engine group to share the hardware resources available to the vessel, and selectively restrictions and constraints. For example, you can restrict a particular container available memory.
Joint File System (Union file systems)
United UnionFS file system or file system operates by creating a layer, making it very lightweight and fast. Docker Engine UnionFS provided for the container using the building blocks. UnionFS Docker Engine can use multiple variants, including AUFS, btrfs, vfs and DeviceMapper.
Container format
Docker Engine namespace, to the control and wrapper combination UnionFS called container format. The default container format libcontainer. In the future, Docker likely to support other container formats through integration BSD Jails or Solaris Zones technology.
The next step
- Read about installing Docker .
- By Docker introductory tutorial to get practical experience.
- In Docker Engine User's Guide to view examples and depth discussion of each topic.