Docker Mirrors:
First of all, we know that the operating system is divided into kernel and user space, compared to Linux, the kernel boot, will mount the root file system to provide user space support.
and Docker mirror image, it is equivalent to a root file system, but this file system is a little special, provide the container runtime needs of the program, library, resources, configuration and other documents.
However, it contains a number of Run-time-ready configuration parameters, in fact the mirror does not contain any dynamic data, and its contents will not change after construction.
Mirrored tiered storage mechanism:
Mirroring contains the complete root file system, which is large in size, so the design is no longer using ISO-like packaging files, but using a multiple file system.
To say here, mirroring is actually a virtual concept, which is actually composed of a set of file systems.
As to how the image is built, it is built from layer to layer, for example, layer A is built, B-tier is built, and the build does not change. Changes can only occur at the current level.
If you want to delete a layer on layer B, it is not a real deletion, but a layer of the B layer of the tag to delete, in fact, there is a layer of a mirror, the equivalent of the deletion of a shortcut.
Therefore, the construction should only contain what the layer should be, and the extra stuff will be cleared away.
One of his advantages here is reuse, which is that you can use a built mirror as the basis for the difference, and then add a new layer to customize the content you want.
Docker container:
The relationship between mirrors and containers is the relationship between classes and instances in Java, and containers are entities that can be created, started, run, stopped, deleted, and so on.
The substance of a container is a process, except that the process is different from the process that is executed directly in the host, and the container is owned by its own separate namespace.
The container can therefore have its own root file system, network configuration, process space, and isolation.
Mirrored tiered storage, as is the case, because the container is mirrored as the base layer. When we want to store data on a container, the container creates a storage layer of the current container to store the data, and the lifecycle of the storage layer of the container follows the container and dies with life.
Docker practice found that the container should not be to the storage layer of data, to remain stateless, write files should use a data volume or host directory, where reading and writing will skip the storage layer, directly to the host read and write, stability and performance better.
The life cycle of a data volume is independent of the container, the container dies, and the data volume does not die. Therefore, after using a data volume, the container can be deleted, run again, and the data will not be lost.
Docker Registry:
Mirroring is complete, it's easy to run on the current host, and if you need to run on a different server, you need a service like Docker registry.
A docker registry can contain multiple warehouses, each of which can contain multiple labels, each of which corresponds to a mirror.
Typically, a warehouse contains mirrors of different versions of the same software, and tags are often used for each version of the software.
We can specify which version of the software is mirrored by the format of the < warehouse name >:< tag >. If you do not give a label, the latest is used as the default label.
Docker Registry Public Service
Docker Registry Public Service is a Registry service that is open to users and allows users to manage mirrors.
In general, this kind of public service allows users to upload and download the public image free of charge, and may provide fee-based services for users to manage private mirrors, and then describe
Docker Registry Private Service
In addition to using open services, users can also build private Docker Registry locally.
Open source Docker Registry mirrors provide only the server-side implementation of the Docker Registry API, which is sufficient to support Docker commands and does not affect usage.
But does not contain the graphical interface, as well as the image maintenance, the user management, the access control and so on advanced function, specifically later narrates
These advanced features are available in the official commercial version of Docker Trusted Registry