Add in the first sentence of the text: Little knowledge, big challenge! This article is participating in the creation activity of “Essential Tips for Programmers”.
At present, with the popularity of CICD, Docker is being applied more and more. In order to unify the development environment and deployment environment, the company also begins to require the front-end to carry out project development on the basis of Docker. As a result, the company has also begun to study Docker recently. I hope the content I share can help everyone have a better understanding of Docker. Let’s learn and communicate together and come on together!
1. Introduction of Docker
Virtualization technology
When talking about Docker, we must first mention a technology called “virtualization technology”. In the traditional way, one physical machine corresponds to one service, so there will be a lot of idle resources, resulting in resource waste. Therefore, virtualization technology has emerged. Virtual machines are usually cross-platform, so commands on virtual machines are translated into commands for each host platform. However, virtual machines also have the following disadvantages:
- Performance degradation: Virtualization is encapsulated on the hardware layer, which inevitably results in performance loss compared to traditional physical machines. In the I/O flow, the I/O is written directly to the physical disk, whereas the I/O of a VM is first written to the VM image file of the host system, and then written to the physical disk using a certain policy by the host
- Complex configuration: The configuration of a VM is more complex than that of a physical machine, resulting in increased maintenance costs
Container technology
The technology Docker applies is called “container technology”. Container technology is a kind of virtualization technology, which completely releases the power of computing virtualization, greatly improves the maintenance efficiency of applications and reduces the cost of cloud computing application development. The reason is that in the traditional virtualization technology, any command needs to be transformed once through the virtual platform, but there is no such thing as command transformation in the container. It is based on cgroup and Namespace of Linux kernel, and Union FS of OverlayFS class to encapsulate and isolate the process. Virtualization technology at the operating system level. It uses Linux commands, so there is no command conversion step. Although Docker is released for Windows and MAC, the principle is to first build a virtual Linux kernel on Windows and MAC systems, and then run Docker on this basis
Docker
Containerized technology can maintain environment consistency, and Docker has a higher utilization rate of system resources, faster start-up time and easier application migration, so there will be significant improvement in development efficiency, deployment efficiency, test efficiency and operation and maintenance efficiency
Docker design concept
Docker generally advocates “one container for one application”. Generally speaking, in order to facilitate management, one container for one application is adopted
2. Core components of Docker
The mirror
Docker image is a special file system. In addition to providing programs, libraries, resources, configuration files required by the container during runtime, Docker image also contains some configuration parameters prepared for runtime (such as anonymous volumes, environment variables, users, etc.). It does not contain any dynamic data
Docker’s image is incremental and will have the following features
- When a mirror is built, one layer is built on top of the other
- Each change to an image is an incremental addition to the original image
- If you delete files in the current layer, the result is not actually deleted, but only marked as not deleted, so when building the image, you need to be extra careful that each layer contains only what needs to be added to that layer
The container
If the image is a class, then the container is an instance,
The container contains the following sections
-
Image: Each container runtime, based on the image, creates a storage layer on top of the current container, we can call this storage layer prepared for the container runtime read and write “container storage layer”, when the container dies “container storage layer” also dies
-
Running environment: Container processes run in their own separate namespace, which makes them more secure
-
A set of instructions: create, start, stop, delete, pause, etc
-
Data volumes: Typically, they are not stored in the container storage layer, but are plugged into the host file system
-
Network: set up a set of independent domain name resolution container, let multiple containers join an independent environment
Docker engine
Docker Deamon: Container management, application orchestration, image distribution and other functions that Docker can provide are all concentrated in Docker Deamon. Image module, container module, data volume module and network module are also implemented in Docker Deamon. Moreover, it exposes a set of Restful APIS to operate Docker Deamon
Docker Cli: Docker Cli is a console program that calls RESTFul apis
3.Docker install
Docker comes in 2 versions
Community version (free) : All basic container management features
Enterprise edition (for a fee) : provides container management, image management, and security functions
Linux installation
The installation manual can be found on the official website: www.docker.com/
Learn to use
Sudo systemctl start docker // Start the service sudo systemctl enable docker // Start the automatic start sudo docker version // Check the docker version sudo docker Info // View more information about Docker EngineCopy the codeConfiguring an Access Mirror
In Linux, you can modify the configuration file of the docker service by modifying /etc/docker-daemon. json (if the file does not exist, you can create it directly).
{
"registry-mirrors": [
"https://registry.docker-cn.com"
]
}
Copy the codeRestart the Docker after the modification is complete
$ sudo systemctl restart docker
Copy the codeTo verify that our configured image source works, we can check the list of currently registered image sources through Docker Info.
$ sudo docker info
## ......
Registry Mirrors:
https://registry.docker-cn.com/
## ......
Copy the codeIf you are using docker Desktop, this can be set in Setting
Docker desktop
version
- The Windows version
- Mac version
Operating principle: it is to create a virtual Linux on Windows or OsX, and then establish docker Deamon on it, through RESTful API communication
File mount
- Windows version is available in shared Driver
- Mac version in File Sharing
Network Settings
- The Windows version is available on NETWORK
- Mac version available on Resources NETWORK
Deamon configuration in Docker Engine => Configuration file => deamon.json
Docker images and containers
The mirror
Docker image is packaged in accordance with Docker fixed format, so it needs to use Docker API to package, which is convenient for sharing. In addition to providing programs, libraries, resources, and configuration files required by the container, an image also contains configuration parameters (such as anonymous volumes, environment variables, and users) prepared for the runtime. An image has the following features
- The image ID is usually a 64-bit Hashcode containing the ID of the base layer on which the image is built.
- Split storage of images
- The image size shown is the real size, whereas on docker Hub it is the size of the compressed package (saving network bandwidth)
- The size shown here is also not the actual size stored on the hard disk, because the Docker image will share the same base layer, so the actual disk size occupied by the image may be much smaller than the actual disk size
The container
The essence of a container is a process, but different from the process executed directly in the host, container processes run in their own independent namespace, container processes run in an isolated environment, which makes the application in the container more secure. The container is not copied when it is created and started. Instead, two Pointers are used to point to the same memory space, and only one is copied for modification.
Container and mirror are tiered storage, a container at run time based on image of base layer, on the basis of the create the storage layer, the storage layer will be eliminated with the death of the container, all data is stored in the recommended when binding data volume (volume) to the host file system, so the data reading and writing will skip the container storage layer, Directly in the host system to ensure the stability and performance of the data
The lifecycle of a container is as follows
- created
- running
- stopped
- paused
- deleted
warehouse
The Docker repository is similar to Github, where a variety of images are packed by others and can be pulled down and used. Take the Ubuntu image as an example. Ubuntu is the name of the repository, which contains different version labels such as 16.04 and 18.04. We can specify which version of the image we want with Ubuntu :16.04 or Ubuntu :18.04. If you omit the tag, such as Ubuntu, it will be treated as Ubuntu: Latest.
The relevant data
- The Docker’s official website
If you like, you can check my column (Docker you need to know the knowledge point). I will try to keep it updated every week. If you like it, please kindly give me a thumbs-up
For those of you who like “Typescript”, check out another column I’ve shared about common Typescript topics to help you understand what TS means
If you like “algorithm”, you can have a look at another column I share (front-end algorithm) there are more about the topic of the algorithm to share, I hope to help you a deeper understanding of the algorithm
The purpose of this article is to study, discuss and share the experience in the process of learning TS. Some of the materials in this article are from the network. If there is any infringement, please contact us to delete [email protected]