Basic Docker Image
What is Docker?
Docker is an improved container technology. The specific "improvement" is embodied in the fact that Docker introduces an image to the container, so that the container can be created from a pre-defined template (images), and the template is still layered.
Features that Docker often mentions:
- Lightweight, reflected in small memory usage, high density
- Fast, start in milliseconds
- Isolation, Sandbox technology is more like virtual machines
Docker technology basics:
- Namespace is the basis for container isolation, so that container A cannot see container B. 6 namespaces: User, Mnt, Network, UTS, IPC, Pid
- Cgroups: Container resource statistics and isolation. Major cgroups subsystems: cpu, blkio, device, freezer, memory
- Unionfs, typical: aufs/overlayfs, the basis for implementation of layered Images
Docker components:
- Docker ClientClient ----> initiates a request to the docker server process, such as creating, stopping, and destroying a container.
- Docker ServerServer process --> process all docker requests and manage all containers
- Docker RegistryImage repository --> the central repository for storing images, which can be seen as the scm for storing binary data
Docker Installation
Docker is easy to install and supports all mainstream operating systems, from Mac to Windows to various Linux distributions.
For details, refer to docker installation.
Common Docker commands and container operations
- Docker create # create a container but do not start it
- Docker run # create and start a container
- Docker stop # stop the container and send the SIGTERM Signal
- Docker start # start a stopped container
- Docker restart # restart a container
- Docker rm # delete a container
- Docker kill # send a signal to the container. The default value is SIGKILL.
- Docker attach # connect (enter) to a running container
- Docker wait # Blocks A container until the container stops running
Obtain container Information
- Docker ps # containers in the running status
- Docker ps-a # display all containers, including running and exiting (Exited)
- Docker inspect # Get all container information in the container
- Docker logs # view container logs (stdout/stderr)
- Docker events # Get Real-time events of the docker Server
- Docker port # display container port ing
- Docker top # display container Process Information
- Docker diff # display the changes before and after the container File System
Export container
- Docker cp # copy files or directories from the container
- Docker export # export the entire file system of the container as a tar package without information such as layers and tags
Run
- Docker exec # execute a command in the container and execute bash to enter the interactive
Image operations
- Docker images # display the list of all local images
- Docker import # create an image from a tar package, usually used in combination with export
- Docker build # Use Dockerfile to create an image (recommended)
- Docker commit # create an image from a container
- Docker rmi # delete an image
- Docker load # create an image from a tar package and use it with save
- Docker save # save an image as a tar package with layers and tag Information
- Docker history # displays the history commands for generating an image
- Docker tag # Alias for the image
Registry operations
- Docker login # log on to a registry
- Docker search # search for images from the registry Repository
- Docker pull # download the image from the repository to your local device
- Docker push # push an image to the registry Repository
Obtain the Container IP address (the Container status must be Up)
docker inspect id | grep IPAddress | cut -d '"' -f 4
Get port ing
docker inspect -f '{{range $p, $conf := .NetworkSettings.Ports}} {{$p}} -> {{(index $conf 0).HostPort}} {{end}}' id
Get Environment Variables
docker exec container_id env
Kill all running containers
docker kill $(docker ps -q)
Delete old (created a week ago) Containers
docker ps -a | grep 'weeks ago' | awk '{print $1}' | xargs docker rm
Delete A stopped container
docker rm `docker ps -a -q`
Delete all images. Be careful
docker rmi $(docker images -q)
Dockerfile
Dockerfile is the basis for docker to build images. It is also an important feature that distinguishes docker from other containers. It is with Dockerfile that docker automation and portability become possible.
Whether it is development or O & M, it is almost essential to learn to write Dockerfile, which helps you understand the operation of the entire container.
FROM: Creates a new image FROM a basic image.
FROM ubuntu
MAINTAINER, MAINTAINER Information
MAINTAINER William <wlj@nicescale.com>
ENV, set Environment Variables
ENV TEST 1
RUN, non-interactive RUN shell command
RUN apt-get -y update RUN apt-get -y install nginx
ADD: copy an external file to the image. src can be a url.
ADD http://nicescale.com/ /data/nicescale.tgz
WORKDIR/path/to/workdir, set the working directory
WORKDIR /var/www
USER, set the USER ID
USER nginx
VULUME <# dir>, set volume
VOLUME [‘/data’]
EXPOSE: exposed ports
EXPOSE 80 443
ENTRYPOINT ['executable', 'param1', 'param2 ']
ENTRYPOINT ["/usr/sbin/nginx"]
CMD ["param1", "param2"]
CMD ["start"]
The command that is run when docker creates and starts the iner. If ENTRYPOINT is set, CMD will be used as the parameter.
Dockerfile Best Practices
- Try to put some frequently used unchanged commands in front
- CMD and ENTRYPOINT use json arrays whenever possible
Build an image using Dockerfile
docker build csphere/nginx:1.7 .
Registry
After an image is generated from the Dockerfile build, the image must be pushed to the image repository. A private docker registry must be built inside the enterprise. This registry can be seen as a binary scm, and CI/CD should also be carried out around the registry.
Deploy registry
mkdir /registrydocker run -p 80:5000 -e STORAGE_PATH=/registry -v /registry:/registry registry:2.0
Push the image to the repository
Suppose 192.168.1.2 is the address of the registry Repository:
docker tag csphere/nginx:1.7 192.168.1.2/csphere/nginx:1.7docker push 192.168.1.2/csphere/nginx:1.7