Basic introduction to docker

one sentence summary

dockerfile: something like "package.json"

Image: Similar to "Win7 pure version.rar"

Container: a complete operating system

what is docker?

Docker is an open source project implemented in Go language, which allows us to easily create and use containers. Docker packages the program and all its dependencies into the docker container, so that your program can have consistent performance in any link. Here is the program The dependency of operation is that the container is like a container, and the operating system environment where the container is located is like a cargo ship or port. The performance of the program is only related to the container (container), and has nothing to do with which cargo ship or port (operating system) the container is placed on.

Container technology only isolates the runtime environment of applications, but containers can share an operating system . The runtime environment here refers to various libraries and configurations that programs depend on to run

Note that containers are a general technology, docker is just one implementation of it

Advantages of docker

1. Environmental isolation

   • Docker implements resource isolation, enabling one machine to run multiple containers without affecting each other. Develop, deploy, and run applications based on containers

2. Deliver deployments faster

   • Using docker, developers can use the image to quickly build a standard R&D environment. After the development is completed, test and operation and maintenance personnel can directly deploy code by using this image

3. more efficient use of resources

   • The operation of docker does not require the support of additional hypervisors. It is a kernel-level virtualization that can achieve higher performance while requiring very little additional resources.

4. Easier to migrate and expand

   • docker runs on almost any platform

5. Easier update management

   • Using dockerfile, only a small configuration modification is required to replace a large number of update work in the past, and all modifications are distributed and updated in an incremental manner, thereby achieving automated and efficient container management

6. Reboot faster

   • It only takes a few seconds to start a docker, and a few minutes for a virtual machine

Three concepts of docker

The entire life cycle of docker consists of three parts: image (image) + container (constainer) + warehouse (repository)

Each host (computer), after downloading docker, can generate multiple images, and each image can create multiple containers. When publishing to the repository, the unit of image is. It can be understood as: a container is an independent virtual operating system that does not affect each other, and an image is the installation package of this operating system. To generate a container, the installation package (image) must be generated once, which is the core concept of Docker

Image

Similar to an image on a virtual machine, it is a read-only template for the docker engine that contains a filesystem. Any application needs an environment to run, and images are used to provide this environment. For example, an Ubuntu image is a template (installation package) containing the Ubuntu operating system environment. Similarly, if Apache software is installed on the image, it can be called an Apache image.

Container

Similar to a lightweight sandbox, it can be viewed as a minimalist Linux system environment (including root privileges, process space, user space, and network space, etc.), and applications running in it. Docker Engine runs in containers, isolating individual applications. Containers are application instances created by images. You can create, start, stop, and delete containers. Each container is isolated from each other and does not affect each other.

Note: The image itself is read-only. When the container starts from the image, Docker creates a writable layer on top of the image, and the image itself remains unchanged.

Repository

Similar to the code repository, this is the image repository, which is where Docker uses to centrally store image files.

Note the difference with the registry server (Registry): the registry server is the place where the warehouse is stored, and there are usually multiple warehouses; and the warehouse is the place where the mirror is stored. Generally, each warehouse stores a type of mirror, and each mirror is distinguished by a tag. For example, the Ubuntu repository stores Ubuntu images of multiple versions (12.04, 14.04, etc.)

Traditional Virtual Machines vs Containers

It can be seen that in a traditional virtual machine, each time a virtual machine is opened, it is equivalent to running a system, which is very resource-intensive, but containers (take docker as an example). It also has the effect of isolation between applications

Its bottom layer is achieved through namespace (namespace) and control groups

Its essence is to publicize duplicate resources and make resource allocation more reasonable.

In this way, in addition to reasonable resource allocation, it can also unify the environment of the application.

Docker-based development process

The developer generates (build) an image (image) through dockerfile, generates a container (constainer) through docker run ... , and can push this image to the remote warehouse ( docker push ), either For others to download ( docker pull ) and then run to generate the container. And some environment variables can be written into the dockerfile, which maintains the consistency of the environment and can be ported to any server

Principles of Technical Implementation

The problem solved by namespace is the problem of environment isolation

Cgroups solve the isolation of computer resource usage

Architecture diagram

how docker works

Docker uses the common CS architecture, that is, the client-server mode. The docker client is responsible for processing various commands input by the user, such as docker build and docker run. The real work is actually the server, that is, the docker daemon (daemon process). It's worth noting that docker client and docker daemon can run on the same machine

Let's explain the docker workflow with a few commands:

docker build

This command is used when we finish writing the dockerfile and give it to docker to "compile", then the client forwards the request to the docker daemon after receiving the request, and then the docker daemon creates an "executable program" image based on the dockerfile

docker run

After you have the "executable program" image, you can run the program. Next, use the command docker run. After receiving the command, the docker daemon finds the specific image, and then loads it into the memory for execution. The image is executed as the so-called container.

docker pull

In fact, docker build and docker run are the two most core commands. Basically, docker can be used with these two commands, and the rest is some supplements.

What does docker pull mean? Students who have studied git know that there is git pull, which pulls data from remote warehouses. You can put your image on docker hub. We use docker pull, which is to download images from docker hub

The implementation of this command is very simple. The user sends the command through the docker client. After receiving the command, the docker daemon sends an image download request to the docker registry. After downloading, it is stored locally, so that we can use the image.

This is my 19-year old article, currently doing transportation and sorting