Docker
1 Docker Profile
1.1 What is virtualization
In the computer, virtualization (English: Virtualization) is a resource management technology, the various entities is the computer's resources, such as servers, network, memory and storage, etc., to be abstract, presented after conversion to break the inter-entity structure obstacles can not be cut, so that the user can configure than the original better way to use these resources. Many of these new virtual resources is not the way to set up existing resources, geographical or physical configuration is limited. Virtualized resources generally referred to include computing power and data storage.
In the actual production environment, virtualization technology is mainly used to solve high-performance physical hardware overcapacity and the old old hardware capacity is too low reorganization reuse, transparency underlying physical hardware to maximize the use of physical hardware resources Take advantage of
Many types of virtualization technologies, such as: software virtualization and hardware virtualization, memory virtualization, network virtualization (vip), desktop virtualization, service virtualization, virtual machines, and so on.
1.2 What is the Docker
Docker is an open source project, was born in early 2013, it was initially an amateur project internal dotCloud company. It is based on Google's launch of the Go language. Project later joined the Linux Foundation, the Apache 2.0 protocol compliance, project code at GitHub perform maintenance on.
Docker since the open source widespread attention and discussion that dotCloud companies were later renamed Docker Inc. Redhat has concentrated its support Docker RHEL6.5 in; Google is also widely used in its PaaS offerings.
Docker project's goal is to achieve a lightweight operating system virtualization solution. Docker is the foundation of Linux containers (LXC) technology.
On the basis of the LXC Docker was further package, so users do not need to care about container management, making the operation easier. User Action Docker containers just as you do a fast lightweight virtual machine as easy.
Why Docker?
(1) fast chips.
Users need only a few minutes, you can put your own program "Docker of." Docker depends on the "copy-on-write" (copy-on-write) model, the changes to the application very quickly, it can be said to achieve "due to heart, that is the code change" realm.
随后,就可以创建容器来运行应用程序了。大多数Docker容器只需要不到1秒中即可启动。由于去除了管理程序的开销,Docker容器拥有很高的性能,同时同一台宿主机中也可以运行更多的容器,使用户尽可能的充分利用系统资源。
Logical classification (2) duties
Use Docker, developers only need to be concerned about the application running in the container, and the operation and maintenance personnel only need to be concerned about how to manage the container. Docker design purpose is to enhance the production environment consistency developers to write code development environment and applications to be deployed. Thereby reducing the kind of "developing everything is normal, certainly operation and maintenance problems (the test environment is normal, on the line out of the question comes down to is certainly the issue of operation and maintenance)."
(3) rapid and efficient development life cycle
One of the goals is to shorten the code from Docker development, testing to deployment, on-line operation cycle, so that your application has portability, easy to build, and easy collaboration. (Popular thing to say, Docker is like a box, which can hold a lot of items, if you need these objects can be directly take away the big box, without the need for a piece taken from the box.)
(4) encourage the use of service-oriented architecture
Docker also encourage service-oriented architecture and micro-architecture services. Docker recommend a single container to run only one application or process, thus forming a distributed application model, in this model, application or service can be represented as a series of interconnected inside the container, so that the distributed deployment app, extension or debugging applications are very simple, but also improve the introspection of the program. (Of course, you can run multiple applications in a container)
1.3 virtual machine container and compare
The image below compares the differences between Docker and traditional way of virtualization, virtualized containers are visible, direct reuse the local host operating system, while the traditional way it is implemented in hardware level at the operating system level.
Compared with the traditional virtual machine, Docker advantage is reflected as fast start, taking a small volume.
1.4 Docker components
1.4.1 Docker server and client
Docker is a client - server (C / S) architecture program. The client only needs to Docker Docker server or daemon makes a request, the server or daemon will do all the work and returns the result. Docker provides a command-line tool Docker and a set of RESTful API. You can run Docker daemon and client on the same host, you can also connect from the local client to run remote Docker Docker daemon on another host machine.
1.4.2 Docker mirror container
Mirroring is the cornerstone of Docker's. Users to run their own container-based mirroring. Mirror also Docker "build" part of the life cycle. Mirror layer structure is based on a combined file system, step by step to build up a series of instructions. E.g:
Add a file;
Execute a command;
Open a window.
The container may also be mirrored as "source code." Mirror very small, very "portable", easy sharing, stored and updated.
Docker can help you build and deploy container, you just need your own application or service can be packaged into containers. Container is mirrored boot up, the vessel can run on one or more processes. We can believe that the mirror is built or packaged Docker stage of the life cycle, and the container is started or the implementation phase. Based on a mirrored boot container, the container once the startup is complete, we will be able to log on to the container install software or services they need.
So Docker container is:
An image format;
Some standard operating column;
An execution environment.
Docker draws on the concept of a standard container. The standard container cargo shipped around the world, Docker will use this model to their own design, the only difference is: container transport of goods, transport and Docker software.
和集装箱一样,Docker在执行上述操作时,并不关心容器中到底装了什么,它不管是web服务器,还是数据库,或者是应用程序服务器什么的。所有的容器都按照相同的方式将内容“装载”进去。
Docker也不关心你要把容器运到何方:我们可以在自己的笔记本中构建容器,上传到Registry,然后下载到一个物理的或者虚拟的服务器来测试,在把容器部署到具体的主机中。像标准集装箱一样,Docker容器方便替换,可以叠加,易于分发,并且尽量通用。
1.4.3 Registry (Registry)
Registry Docker with user to save the image built. Registry is divided into public and private two kinds. Docker company operates a public Registry called the Docker Hub. Users can sign up for an account at Docker Hub, share and save their own image (Note: Docker Hub giant slow download the image, you can build your own private Registry).
https://hub.docker.com/
2 Docker installation and startup
2.1 Installation Docker
Docker official recommended to install in Ubuntu, because Docker is based on Ubuntu release, but problems arise general Docker Ubuntu is the first update or patch. In many versions of CentOS is not supported by some of the latest patch update package.
Since we are using the learning environment it is CentOS, so here we will Docker installed on CentOS. Note: It is recommended to install at least CentOS7.x version, in CentOS6.x version, you need to install before installing a lot of other environmental and Docker many patches do not support updates.
Please direct mount curriculum supporting Centos7.x mirror
(1) yum update to the latest package
sudo yum update
(2) require installation package, yum-util provide yum-config-manager function, the other two are driven dependent devicemapper
sudo yum install -y yum-utils device-mapper-persistent-data lvm2
(3) Set yum source cloud Ali
sudo yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
(4) mounted docker
sudo yum install docker-ce
(5) After installing the version View docker
docker -v
2.2 Set mirror ustc
ustc is a veteran of linux mirror service provider, and as far in ubuntu 5.04 version when in use. docker Mirror accelerator speed ustc quickly. One of the advantages ustc docker mirror is no need to register, is a real public service.
https://lug.ustc.edu.cn/wiki/mirrors/help/docker
Edit the file:
vi /etc/docker/daemon.json
Enter the following in the file:
{
"registry-mirrors": ["https://docker.mirrors.ustc.edu.cn"]
}
2.3 Docker start and stop
systemctl command is the command system services manager
Start docker:
systemctl start docker
Stop docker:
systemctl stop docker
Restart docker:
systemctl restart docker
View docker Status:
systemctl status docker
boot:
systemctl enable docker
View docker summary information
docker info
View docker help documentation
docker --help
3 Common Commands
3.1 mirroring command
3.1.1 View Mirror
docker images
REPOSITORY: image name
TAG: image tag
IMAGE ID: ID mirroring
CREATED: Creation Date mirrored (not the acquisition date of the mirror)
SIZE: image size
These images are stored in the host Docker / var / lib / docker directory
3.1.2 Search Mirror
If you need to find the image you want from the network, you can search by the following command
docker search 镜像名称
NAME: warehouse Name
DESCRIPTION: Mirror Description
STARS: user evaluation, a mirror of the reaction popularity
OFFICIAL: Are official
AUTOMATED: automatically build, indicating that the mirror automatically build process created by the Docker Hub
3.1.3 pull mirroring
Pulling mirror image is downloaded from the central to the local repository
docker pull 镜像名称
For example, I want to download centos7 Mirror
docker pull centos:7
3.1.4 remove the mirror
Mirror Mirror ID delete Press
docker rmi 镜像ID
Delete all mirrors
docker rmi `docker images -q`
3.2 vessel-related commands
3.2.1 View container
View container running
docker ps
View all containers
docker ps –a
View the last run of the container
docker ps –l
Check stop container
docker ps -f status=exited
3.2.2 Creating and starting container
Create a custom container Parameters:
Create a container command: docker run
-i: indicates the operating container
-t: a rear container starts will enter its command line. After the addition of these two parameters, the vessel will be able to create log into. That is assigned a pseudo-terminal.
-name: named container created.
-v: represents the directory mapping relationship (the former is the host directory, which is mapped to a directory on the host), you can use multiple -v do multiple directories or file mappings. Note: It is the directory for mapping, making changes on the host, and then to share the container.
-d: run behind the -d parameter will create a guardian of the container does not automatically logged container after (this container is created in the background, adding -i -t if only two parameters, it will automatically go after creation container).
-p: mapping the port, the former is a host port, which is mapped in the port of the container. You can use multiple -p port mapping to do more
Create a container (1) interactive mode
docker run -it --name=容器名称 镜像名称:标签 /bin/bash
Then we see the ps command, you can see the launch of the vessel was found, state to start state
Exit the current container
exit
(2) create the container type guard mode:
docker run -di --name=容器名称 镜像名称:标签
Login guardian container ways:
docker exec -it 容器名称 (或者容器ID) /bin/bash
3.2.3 stop and start the container
Stop the container:
docker stop 容器名称(或者容器ID)
Start container:
docker start 容器名称(或者容器ID)
3.2.4 file copy
You can use the cp command if we need to copy the file into the container
docker cp 需要拷贝的文件或目录 容器名称:容器目录
Files can also be copied from the container
docker cp 容器名称:容器目录 需要拷贝的文件或目录
3.2.5 directory is mounted
When we can create a container, the container directory in the directory are mapped host, so that we can modify the host file to a directory in order to influence the container.
Create a container add -v parameter back to the host directory: container, for example:
docker run -di -v /usr/local/myhtml:/usr/local/myhtml --name=mycentos3 centos:7
If you share a multi-level directory, insufficient permissions prompt may appear.
This is because the security module selinux CentOS7 authority of the ban, and we need to add parameters --privileged = true to solve the problem without permission mounted directory
3.2.6 View IP address container
We can see the vessel running the following command a variety of data
docker inspect 容器名称(容器ID)
You can also perform the following command to direct output direct IP address
docker inspect --format='{{.NetworkSettings.IPAddress}}' 容器名称(容器ID)
3.2.7 delete container
Removes the specified container:
docker rm 容器名称(容器ID)
4 application deployment
4.1 MySQL deployment
(1) Pull mirror mysql
docker pull centos/mysql-57-centos7
(2) create the container
docker run -di --name=tensquare_mysql -p 33306:3306 -e MYSQL_ROOT_PASSWORD=123456 mysql
The -p port mapping, port mapping format host: port container runtime
-e Add the environment variable MYSQL_ROOT_PASSWORD on behalf of the root user's login password
(3) remote login mysql
Connecting the host IP, as specified port 33306
4.2 tomcat deployment
(1) Mirror Pull
docker pull tomcat:7-jre7
(2) create the container
Create a container -p indicates the address mapping
docker run -di --name=mytomcat -p 9000:8080
-v /usr/local/webapps:/usr/local/tomcat/webapps tomcat:7-jre7
4.3 Nginx deployment
(1) Mirror Pull
docker pull nginx
(2) create Nginx container
docker run -di --name=mynginx -p 80:80 nginx
4.4 Redis deployment
(1) Mirror Pull
docker pull redis
(2) create the container
docker run -di --name=myredis -p 6379:6379 redis
5 Migration and Backup
Image storage container is 5.1
We can save the following command vessel for the mirror
docker commit mynginx mynginx_i
5.2 image backup
We can save the image with the following command as tar files
docker save -o mynginx.tar mynginx_i
5.3 image recovery and migration
First we removed mynginx_img mirror and then execute the command to be restored
docker load -i mynginx.tar
-I input file
After performing to view mirror again, you can see the image has been restored
6 Dockerfile
6.1 What is Dockerfile
Dockerfile script is a series of commands and parameters constituted these commands to the base image and ultimately create a new image.
1. For developers: provide a consistent development environment for the development team;
2, for the testers: You can take a direct mirror image constructed when developing or build a new image by Dockerfile file to begin work;
3, for transportation and maintenance personnel: at deployment time, enables seamless migration of applications.
6.2 Common Commands
| command | effect |
|---|---|
| FROM image_name:tag | Which defines the use of the base image to start the process of building |
| MAINTAINER user_name | Disclaimer mirror creator |
| ENV key value | Set Environment Variables (you can write multiple) |
| RUN command | Dockerfile is a core part (you can write multiple) |
| ADD source_dir / file dest_dir / file | Copy the file to the host of the container, if it is a compressed file, it will automatically extract after replication |
| COPY source_dir / file dest_dir / file | And like ADD, but if there is not a compressed file and unzip |
| WORKDIR path_dir | Set the working directory |
6.3 using a script to create a mirror
step:
(1) Create a directory
mkdir –p /usr/local/dockerjdk8
(2) Download jdk-8u171-linux-x64.tar.gz and uploaded to the server (virtual machine) in the / usr / local / dockerjdk8 directory
(3) create a file Dockerfile vi Dockerfile
#依赖镜像名称和ID
FROM centos:7
#指定镜像创建者信息
MAINTAINER ITCAST
#切换工作目录
WORKDIR /usr
RUN mkdir /usr/local/java
#ADD 是相对路径jar,把java添加到容器中
ADD jdk-8u171-linux-x64.tar.gz /usr/local/java/
#配置java环境变量
ENV JAVA_HOME /usr/local/java/jdk1.8.0_171
ENV JRE_HOME $JAVA_HOME/jre
ENV CLASSPATH $JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar:$JRE_HOME/lib:$CLASSPATH
ENV PATH $JAVA_HOME/bin:$PATH
(4) Construction of the mirror Run
docker build -t='jdk1.8' .
Note the back of the spaces and points, do not omit
(5) whether to establish a complete view mirror
docker images
7 Docker private warehouse
7.1 private warehouse set up and configuration
(1) Pull private warehouse image (this step is omitted)
docker pull registry
(2) Start private container warehouse
docker run -di --name=registry -p 5000:5000 registry
(3) Open the browser and enter the address http://192.168.184.141:5000/v2/_catalog see {"repositories":[]}representation of private warehouse and build a successful content is empty
(4) modified daemon.json
vi /etc/docker/daemon.json
Add the following content, save and exit.
{"insecure-registries":["192.168.184.141:5000"]}
This step allows docker trust for private warehouse address
(5) Restart docker Service
systemctl restart docker
7.2 Mirroring uploaded to a private warehouse
(1) This marked as private mirror image warehouse
docker tag jdk1.8 192.168.184.141:5000/jdk1.8
(2) container to start again PW
docker start registry
(3) labeled image upload
docker push 192.168.184.141:5000/jdk1.8
