Docker installation and basic usage Docker Introductory Tutorial the second chapter _docker

Source: Internet
Author: User
Tags stdin docker ps docker cp docker hub docker run docker swarm docker registry


This series of articles will introduce Docker knowledge:

Docker cpu usage


(1) Docker installation and basic usage


Docker container cpu

(2) Docker mirror


Docker container cpu usage

(3) Isolation of Docker containers-use Linux namespace isolate container's operating environment


Docker cpu

(4) Isolation of Docker containers-use cgroups to limit the resources used by the container


Docker check cpu usage

(5) Docker Network



1. Installation



1.1 Installing Docker on Ubuntu 14.04



Prerequisite Requirements: docker stats cpu usage 



Kernel version must be 3.10 or above



Follow these steps in sequence: docker run cpu 



sudo apt-get update
sudo apt-get install Apt-transport-https ca-certificates
sudo apt-key adv--keyserver hkp://p80.pool.sks-keyservers.net:80--recv-keys 58118e89f3a912897c070adbf76221572c52609d
Edit/etc/apt/sources.list.d/docker.list file, add Deb Https://apt.dockerproject.org/repo ubuntu-trusty main
sudo apt-get update
sudo apt-get purge Lxc-docker
Apt-cache Policy Docker-engine
Apt-get Upgrade
sudo apt-get install linux-image-extra-$ (uname-r) linux-image-extra-virtual
sudo apt-get install Docker-engine



The installation process is complete.



Run sudo service Docker start to start the Docker daemon.
Run Docker version to view Docker versions


root@devstack:/home/sammy# Docker--version
Docker version 1.12.1, build 23cf638



Start the first container:



1. Start the first Docker container Docker run Hello-world
root@devstack:/home/sammy# Docker Run Hello-world



Hello from docker!
This message shows the your installation appears to be working correctly.
The success of its operation also indicates that the previous installation steps are running correctly.



Refer to the above content from Docker official website:https://docs.docker.com/engine/installation/linux/ubuntulinux/



1.2 Docker to the current (2016/09/16) version history



Release date of version number release manager
Docker 1.12.1 08/18/2016
Docker 1.12.0 07/28/2016
Docker 1.11.0 04/12/2016 @mlaventure
Docker 1.10.0 02/04/2016 @thaJeztah
Docker 1.9.0 10/29/2015 @tiborvass
Docker 1.8.0 08/11/2015 @calavera



2. Basic operation of Docker



2.1 Docker Container State machine






A container may be in one of several states at some point:



Created: has been created (can be listed using the Docker ps-a command) but has not been started (using the Docker PS command is not yet listed)
Running: in operation
Paused: The process of the container has been paused
Restarting: The process of the container is being restarted
Exited: The stopped state in the figure above indicates that the container has run before but is now stopped (to distinguish it from the created state, which is a newly created container that has not been run). You can get it back into the running state with the start command
Destroyed: The container is removed and no longer exists.



You can view its detailed status in the output of the Docker inspect command:


' state ': {
      ' Status ': ' Running ',
      ' running ': true,
      ' paused ': false,
      ' restarting ': false,
      ' Oomkilled ": false,
      " Dead ": false,
      " Pid ": 4597,
      " ExitCode ": 0,
      " Error ":" ",
      " Startedat ":" 2016-09-16t08:09:34.53403504z ",
      " Finishedat ":" 2016-09-16t08:06:44.365106765z "
    }


2.2 Docker Command Overview



We can classify the Docker order roughly as follows:



Mirroring operation:


Build builds an image from a dockerfile
Commit Create a new image from a container ' s changes
Images List Images
Load load an image from a tar archive or STDIN
Pull pull an image or a repository from a registry
Push push an image or a repository to a registry
RMI Remove one or more images
Search Search the Docker Hub for images
Tag tag an image into a repository
Save save one or more images to a tar archive (streamed to STDOUT by default)
History shows the history of a mirror
Inspect get the details of the mirror


Container and the life cycle operations applied in it:


Create Create a new container (creating a container)
Kill kill one or more running containers
Inspect return low-level information on a container, image or task
Pause pause all processes within one or more containers
PS List Containers
RM remove one or more containers (delete a container or multiple containers)
Rename Rename a container
Restart Restart a container
Run Run a command in a new container (create and start a container)
Start start one or more stopped containers (start a container in a stopped state)
Stats display a live stream of container (s) Resource usage statistics (display container real time resource consumption information)
Stop stop one or more running containers (stop a container in the running state)
Top Display The running processes of a container
Unpause unpause all processes within one or more containers
Update update configuration of one or more containers
Wait blocks until a container stops, then print its exit code
Attach attach to a running container
EXEC Run a command in a running container
Port List port mappings or a specific mapping for the container
Logs get the container's log


Container File system operations:



CP Copy files/folders between a container and the local filesystem
Diff Inspect Changes on a container ' s filesystem
Export export a container ' s filesystem as a tar archive
Import Import the contents from a tarball to create a filesystem image



Docker registry operation:



Login Log in to a Docker registry.
Logout Log out from a docker registry.



Volume Operation



Volume Manage Docker volumes



Network operations



Network Manage Docker Networks



Swarm related Operations



Swarm Manage Docker Swarm
Service Manage Docker Services
Node Manage Docker Swarm nodes



System Operation:



Version show the Docker version information
Events get real time events from the server (continuous return Docker event)
Info Display system-wide information (displays Docker host system-wide information)



Some of the more interesting commands:



(1) The life cycle of the container from birth to death





root@devstack:/home/sammy# Docker Create--name web31 training/webapp python app.py #创建名字为 web31 container 7465f4cb7c49555af329 29bd1bc4213f5e72643c0116450e495b71c7ec128502 root@devstack:/home/sammy# Docker Inspect--format= ' {{. State.status}} ' Web31 #其状态为 created created root@devstack:/home/sammy# Docker start web31 #启动容器 web31 root@devstack:/home /sammy# Docker Inspect--format= ' {{. State.status}} ' web31 #其状态为 running running root@devstack:/home/sammy# Docker pause web31 #暂停容器 web31 root@devstack:/home /sammy# Docker Inspect--format= ' {{. State.status}} ' Web31 paused root@devstack:/home/sammy# docker unpause web31 #继续容器 web31 root@devstack:/home/sammy# Docker Inspect--format= ' {{. State.status}} ' web31 running root@devstack:/home/sammy# docker rename Web31 newweb31 #重命名 root@devstack:/home/sammy# Docker Inspect--format= ' {{. State.status}} ' newweb31 running root@devstack:/home/sammy# Docker top newweb31 #在容器中运行 the top command UID PID PPI   D C stime TTY time     CMD root 5009 4979 0 16:28? 00:00:00 python app.py root@devstack:/home/sammy# docker logs newweb31 #获取容器的日志 * Running on Http://0.0.0.0:5000/(P Ress CTRL + to quit) root@devstack:/home/sammy# Docker stop Newweb31 #停止容器 Newweb31 root@devstack:/home/sammy# Docker Insp ECT--format= ' {{. State.status}} ' Newweb31 exited root@devstack:/home/sammy# Docker rm newweb31 #删除容器 newweb31 root@devstack:/home/sammy# Docker Inspect--format= ' {{.


 State.status}} ' newweb31 error:no such image, container or task:newweb31


(2) Docker stop and Docker kill



When the Docker Stop command executes, it sends the system signal sigterm to the process of PID 1 in the container, and then waits for the application in the container to terminate execution if the wait time reaches the set timeout (the default is 10 seconds, the user can specify a specific timeout length). will continue to send sigkill system signals to forcibly kill the process. The application in the container can choose to ignore and not process the sigterm signal, but once the timeout is reached, the program is forcibly killed by the system because the Sigkill signal is sent directly to the system kernel and the application has no chance to handle it.



For example, after running the Docker stop web5-t 20 command:


2016-09-16t16:01:18.206540853+08:00 container Kill b3256ef1400a7f6a6f242e377a77af5e25d3b12237c4ee7c2e9b31a5f6437868 (Image=training/webapp, NAME=WEB5, signal=15)
2016-09-16t16:01:38.212352224+08:00 container Kill b3256ef1400a7f6a6f242e377a77af5e25d3b12237c4ee7c2e9b31a5f6437868 (Image=training/webapp, NAME=WEB5, signal=9)
2016-09-16t16:01:38.235021315+08:00 container die b3256ef1400a7f6a6f242e377a77af5e25d3b12237c4ee7c2e9b31a5f6437868 (exitcode=137, Image=training/webapp, NAME=WEB5)


can see:



1. First Docker send sigterm signal to container (signal=15)
2. Wait 20 seconds (01:18 to 01:38)
3. Resend SIGKILL system signal (signal = 9)
4. Then the container was killed (die)



The Docker kill command emits a sigkill system signal to force the operation of the program in the container to be terminated. After running the Docker kill WEB5 command:



2016-09-16t16:06:44.351086471+08:00 container Kill b3256ef1400a7f6a6f242e377a77af5e25d3b12237c4ee7c2e9b31a5f6437868 (Image=training/webapp, NAME=WEB5, signal=9)
2016-09-16t16:06:44.365116100+08:00 container die b3256ef1400a7f6a6f242e377a77af5e25d3b12237c4ee7c2e9b31a5f6437868 (exitcode=137, Image=training/webapp, NAME=WEB5)
Visible directly emitted is the SIGKILL signal, the container was immediately killed.



(3) Use Docker CP to copy files or directories between host and container


root@devstack:/home/sammy# Docker cp/home/sammy/mydockerbuild/dockerfile web5:/webapp #从 host copy files to container
root@devstack:/home/sammy#
root@devstack:/home/sammy# Docker CP Web5:/webapp/dockerfile/home/sammy/dockerfile #从 container inside copy files to host
root@devstack:/home/sammy# ls/home/sammy
chroot devstack dockerfile mongodbdocker Mydockerbuild WebApp


(4) Docker Export and import



Docker Export: Package A container's file system as a compressed file


root@devstack:/home/sammy# Docker export Web5-o./web5
root@devstack:/home/sammy# ls
chroot devstack Dockerfile mongodbdocker mydockerbuild Web5 webapp


Docker import: Create a mirror from a compressed file


root@devstack:/home/sammy# Docker import web5 web5img-m "imported on 0916"
sha256 : 745bb258be0a69a517367667646148bb2f662565bb3d222b50c0c22e5274a926
root@devstack:/home/sammy# Docker History Web5img
IMAGE        CREATED       CREATED by     SIZE        COMMENT
745bb258be0a    6 seconds ago              324 MB       imported on 0916


2.3 Docker Run command



The Docker Run command creates a container and starts it, and it also contains a number of parameters that are categorized by purpose as follows:
Cgroups and Namespace Related:


   --blkio-weight value block Io (relative weight), between and 1000--blkio-weight-device value block io Weig HT (relative device weight) (default [])--cgroup-parent string Optional parent Cgroup for the container--cpu-pe rcent int CPU percent (Windows only)--cpu-period int Limit CPU CFS (completely Fair-Scheduler) period- -cpu-quota int Limit CPU CFS (completely Fair Scheduler) quota-c,--cpu-shares int CPU shares (relative Wei ght)--cpuset-cpus string CPUs in which to allow execution (0-3, 0,1)--cpuset-mems string MEMS in which to
   Allow execution (0-3, 0,1)--device-read-bps value Limit Read rate (bytes per second) from a device (default []) --device-read-iops value Limit Read rate (IO/second) from a device (default [])--device-write-bps value Limit Write rate (bytes per second) to a device (default [])--device-write-iops value Limit Write rate (IO/second) to
  A device (default []) --IPC string IPC namespace to Use-m,--memory string memory limit--memory-reservation string memory Soft limit--memory-swap string swap limit equal to memory plus swap: '-1 ' to enable unlimited swap--MEMORY-SW
 appiness int tune container memory swappiness (0 to MB) (default-1)--kernel-memory string kernel memory limit -U,--user string Username or UID (format: <name|uid>[:<group|gid>])--userns string user n Amespace to use--uts string UTS namespace to Use-h,--hostname string Container host name--pid str  ing PID namespace to use--pids-limit int tune container PIDs limit (set-1 for unlimited)--isolation String Container Isolation technology--io-maxbandwidth string Maximum IO bandwidth for the system limit
 (Windows only)--io-maxiops uint Maximum IOps limit for the system drive (Windows only)


Linux process capabilities Related parameters:


   --cap-add value        add Linux capabilities (default [])
   --cap-drop value       drop Linux capabilities (default [])  


Container operation mode and environment Related:


 -D,--detach           Run container in background and print container ID
 -E,--env value          Set environment variables (def Ault [])
 --env-file value       Read in a file of environment variables (default [])


DNS Related:


   --dns Value          Set custom DNS servers (default [])
   --dns-opt value        set DNS options (default [])
   --dns-se Arch value      Set custom DNS search domains (default [])



Health Check Related:


   --health-cmd string      Command to run to check health
   --health-interval duration time  between the running c4/>--health-retries int     Consecutive failures needed   to, unhealthy--health-timeout Maximum time to allow one check to run
   --no-healthcheck       Disable any container-specified healthcheck


IP and Port:


   --ip string          Container IPv4 address (e.g. 172.30.100.104)
   --IP6 string         Container address IPv6.2001: db8::33)-
 p,--publish value        publish a container ' s port (s) to the host (default [])-
 p,--publish-allpublish all exposed ports to random ports
   --expose value        expose a port or a range of ports (default [])-
   - Mac-address string     Container MAC address (e.g. 92:d0:c6:0a:29:33)
   --add-host value       Add a custom Host-to-ip Mapping (HOST:IP) (default [])


Volume Related:


 -V,--volume value        Bind mount a volume (default [])
   --volume-driver string    Optional volume driver for the Cont Ainer
   --volumes-from Value     Mount volumes from the specified container (s) (default [])
   --storage-opt value< C7/>storage driver Options for the container (default [])


Network about:


   --network string       Connect a container to a network (default "default")
   --network-alias value     Add network-scoped alias for the container (default [])
   --link value         Add link to another container (default [])--link-local-ip value     Container ipv4/ipv6 link-local addresses (default [])


Log Related:


--log-driver string Logging driver for the container--log-opt value L OG driver Options (default []) 
Interactivity Related:-A,--attach value attach to stdin, STDOUT or STDERR (default [])-I,--interactive Keep STDIN op En even if not attached OOM about:--oom-kill-disable disable OOM killer--oom-score-adj int tune host ' s OOM preferences ( -1000 to 1000) others (to be further sorted):--cidfile string Write the container ID to the file--det Ach-keys string Override The key sequence for detaching a container--device value ADD a host device to the Container (default [])--disable-content-trust Skip image Verification (default true)--entrypoint string Ov Erwrite The default entrypoint of the image--group-add value add additional groups to join (default [])--hel P Print usage-l,--label value Set meta data on a container (default [])--label-file value R EAD in a line delimited file of labels (default [])--name string Assign-a name to the container--privilege D Give extendedprivileges to this container--read-only Mount the container ' s root filesystem as read only--restart Strin G Restart policy to apply when a container exits (default "no")--rm automatically remove the contain Er when it exits the--runtime string runtime to the for this container--security-opt the value security Options (default [])--shm-size string size Of/dev/shm, default value is 64MB--sig-proxy Proxy received sig Nals to the process (default true)--stop-signal string signal to stop a container, sigterm by default (default) SI Gterm ")--sysctl value sysctl options (default map[])--tmpfs value Mount a TMPFS directory (default [])-T,--tty Allocate a pseudo-tty--ulimit value ulimit options (default [])-W,--workdir Strin
 G Working directory inside the container


The specific content will be analyzed in a special document later.



3. Basic structure of Doker platform






The Docker platform is basically composed of three parts:



Clients: Users use the tools provided by Docker (CLI and APIs, etc.) to build, upload mirrors and publish commands to create and launch containers
Docker host: Download mirror from Docker registry and start container
Docker Registry:docker mirrored warehouse for storing mirrors and providing mirrored uploads and downloads
The following article will be specific analysis.



The above is the entire content of this article, I hope to help you learn, but also hope that we support the cloud habitat community.


Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.