Docker is an open source project based on Linux container technology, developed by Go language, with portability and lightweight characteristics.
An overview,
1. The Docker engine
Docker uses C/S architecture, which mainly contains three components: 1) Docker CLI (Command line interface), Docker client, and Docker API. 2) REST API, responsible for passing client instructions to the server. 3) Docker deamon (Dockerd) is a server daemon. It receives Docker API request management Docker object, can communicate with other daemons, so as to better manage Docker service. There are three parts: Docker Server, Engine, and Job THE CLI interacts with Dockerd through REST apis. Dockerd creates and manages Docker objects, such as images, containers, networks, and volumes.
2. The Docker warehouse
Docker image storage, the default public repository is Docker Hub, configurable.
3. Some common Docker objects
1) Image, create a read-only template for the container, you can use Dockerfile to build your own image. In Dockerfile, define the steps required to create and run the image. Each instruction creates a layer in the image. When changing the Dockerfile and rebuilding the image, only those layers are rebuilt. 2) A container, which is a running instance of an image, can be connected to one or more networks, or storage can be connected to it. 3) Services, which can extend containers between multiple Docker daemons and support clustering in advanced versions.
4. Core components
1) Containerd: Originally spun out of Docker, Containerd was donated by Docker to CNCF Foundation, and now it graduates from CNCF. 2) RUNC: RunC was developed when Docker donated its LibContainer runtime when it co-founded OCI with other companies.
5. Underlying technology
1) Namespaces
Provide isolated workspaces for Docker. When a container is created, Docker creates a set of namespaces for the container. These namespaces provide a layer of isolation. The container runs in this single namespace and access is limited to that namespace. The namespace used by The Docker engine on Linux is as follows: The PID Namespace: Process Isolation (PID: Process ID). The net namespace: Managing network interfaces (NET: Networking). The ipc namespace: Managing access to IPC resources (IPC: InterProcess Communication). The mnt namespace: Managing filesystem mount points (MNT: Mount). The uts namespace: Isolating kernel and version identifiers. (UTS: Unix Timesharing System).
2) Cgroups (Control groups)
Cgroups restrict applications to a specific set of resources, allowing the Docker engine to share available hardware resources with the container and selectively enforce restrictions and constraints. For example, limit the memory available to the container.
3)Union file systems(UnionFS)
By creating the layers file system, the Docker engine provides building blocks for the container by using UnionFS. Each step the user takes to create an image generates a layer, which is an incremental rootFS. The most important function of UnionFS is to mount multiple directories in different locations to the same directory
4) the Container format
The Docker engine combines namespaces, Cgroups, and UnionFS into a container format. The default container format is libContainer.
For most Linux containers such as Docker, the Cgroups technique is the primary method used to create constraints, while the Namespace technique is the primary method used to modify process views.
Reference: docs.docker.com/get-started…
Second, Dockerfile use
1) Basic format
INSTRUCTION arguments are actually case insensitive, but the convention uses uppercase
2) Common instructions
FROM: Specifies the base image to use to build the image. Every Dockerfile must have the FROM directive. If you don’t want to use any base images, you need to use FROM Scratch. RUN: Specifies the actions to be performed during the build process. The common form of the RUN directive is shell, and it also supports another exec form, which needs to be enclosed in []. EXPOSE: indicates the port on which the container listens when it runs. The listening port can also be specified with the -p argument when the container is started by Docker run. COPY and ADD: COPY instructions that COPY files or directories from the context directory to the specified path in the container. COPY and ADD, both of which ADD content to the image when it is built. ARG and ENV: Used to pre-define variables during image building. ENTRYPOINT and CMD: define the commands that need to be executed when the container runs.
3) Multi-stage build
There are multiple FROM directives in the Dockerfile, representing different stages, and subsequent stages can use the product of the previous stage, or the content originally contained in the image.
Command reference: docs.docker.com/engine/refe…
Iii. Use (MacOS)
1) installation
Brew install –cask –appdir=/Applications Docker verify the installation: docker –version
2) Configure the mirror
Click on the Docker for MAC app icon in the taskbar -> Perferences… Daemon – > – > Registrymirrors. Enter accelerators in the list and restart the accelerator to take effect.
{
……
"registry-mirrors": [
"http://hub-mirror.c.163.com",
"https://docker.mirrors.ustc.edu.cn/",
"https://lkljkfsh.mirror.aliyuncs.com",
"https://reg-mirror.qiniu.com"
]
}
Copy the codeAddress for obtaining Aliyun image: cr.console.aliyun.com/cn-hangzhou…
Reference: docs.docker.com/engine/refe…