Reprinted from: Https://yq.aliyun.com/articles/63517?spm=5176.100239.blogcont63035.17.VQ5N1G
Plain English Docker introduction (ii)Get the Cloud 2016-11-14 17:05:33 view 396 Comments 0
Docker Ubuntu Technology Association data disk Image operating system
Summary: #大白话Docker入门 (ii) [Plain English Docker Introduction (i)] (http://www.atatech.org/articles/65782) Let's get to know Docker and see how Docker is probably playing. The initial impressions may make you feel like you are deploying your VMS, like Docker image is a plain English docker introduction (ii)
Plain English Docker Introduction to the previous section (a) Let's get to know Docker and see how Docker is probably playing. The initial impression may make you feel like you are deploying a VM, like Docker image is a system backup file, Docker container is a run-up VM, and what's so special about Docker? not the same Docker
A simple list of the points we can easily find at this stage:
The size of the Docker image is very small, note that before we use a few image size, a full-featured Ubuntu is more than 100 MB. The size of the Docker image is so small that we can easily transfer and share it over the network, providing the company with the possibility of managing and distributing a large number of image.
ruidemacbook-pro:~ ruihuang$ Docker images
REPOSITORY TAG SIZE
job1 latest 1.093 MB
Ubuntu latest 127.2 MB
busybox latest 1.093 MB
hello-world latest 1.848 KB
Docker's system boot time is 0. Yesterday if you also try to start Hello-world's classmates may know, Docker run Hello-world command is instantaneous, you do not feel the load image, start the system time-consuming, command completion directly output the results. After the program executes, container also shuts down, and there is no time to save the mirror, but the next time you run it will still retain the status you have handled.
The Docker system consumes very little resources, and we know that if we start a VM system, whether it's Linux or Windows, it will take up a bit of memory if it's not running, but if you don't run the program after Docker container starts, You can't see the system resources being consumed.
These features are not completely different from VMs. And with these features, it is not a lot of scenarios that were not previously available. For example, we can build a project into an image and then easily distribute it, and when someone else gets it, they don't have to worry about what environment or dependencies your project needs, as long as Docker run runs. And fast, even in a single development machine can manage hundreds of container, no business processing time will not occupy your system resources ...
You may have felt some of the great things about Docker here ... Are you curious about how Docker is doing it? So we're going to go down. how Docker did it.
Let's think about how a server gives us the ability to run a project that we've developed. CPU, memory, hard disk, network, operating system, tool software and the operating environment of the project (JRE, etc.). When a machine with these capabilities is available, we will say that this machine provides a working environment for the project.
We know that VM technology can deploy a physical machine as multiple virtual machines, which solves a lot of waste of material resources and convenient management ability. So how does a VM do it? Keywords: hypervisor,vm an intermediate software layer is established on the operating system of the physical machine hypervisor,hypervisor utilize the resources of the physical machine, virtual out of a number of new virtual hardware environment, these hardware environments can share the resources of the host. These new virtual hardware environments, after installing the operating system and corresponding software, form a virtual machine of a station.
So what's different about Docker? Docker is a smart way to take advantage of some of the Linux technologies: Docker chooses a completely different approach to virtualization and does not virtualize any hardware, but rather "isolates" the hardware resources between different Docker container. Isolation allows each Docker container to have a different environment (hard disk space, network, System Toolkit), and can share the required hardware resources (CPU, memory, system kernel), to achieve the same functions as the virtual function provides.
The Linux core used by Docker is built as follows: (Interception from Docker component –linux Core) AUFS (chroot) – Used to establish different operating systems and isolate the runtime's hard disk space namespace– used to isolate container execution space cgroup– allocates different hardware resources selinux– is used to protect the network security of Linux netlink– used to keep the process of the different container communication netfilter– establish container port as the basis of the Web fire wall envelope discard Appar mor– protects container's network and performs secure Linux bridge– to enable container on different container or different host machines to communicate ...
Each of these technologies is certainly worth our understanding, here I only take the most representative of the aufs to unfold, let us understand the idea of Docker isolation. (in addition to the AUFS technology, please do your own research, the back I will also organize some resources issued)
AUFS-Another Union file SYSTEM,AUFS technology allows multiple file directories to be union into a new directory and read and write to this new directory.
What's the use of that? If you have a read-only CD data disk, but you want to edit the contents, you usually do not copy the content to your local hard drive and then edit it. But if you can use AUFS technology, you can combine a blank directory on your hard disk with your CD data disk to form a new directory, and then you read this directory, you will get the data on the CD, when you edit the contents of this directory, Edited content Aufs will automatically say that the changes are saved in the empty directory of your union, and when you read the area again, Aufs will also take the changes recorded on your hard drive to the content in the CD data disk, so that this is an entirely editable directory content for you.
Although Aufs seems to be a simple idea, Docker uses the technology to make big articles. We can imagine the image of Docker, which is actually a pre-made read-only file directory, and when we want to use this system function, Docker opens up a new folder for us and this image is a union, provided to Docker Container as a system run storage, the image contains the system programs, tools, and programs, when the system started to produce the runtime files (such as logs, temporary directory, etc.) or the new installation of the software is in this new folder. In this way, when we start a container, there is no process of loading the mirror, and we do not need to install a system like a VM to be responsible, just do a unoin, everything is the same as the virtual machine installed by the system. Docker also provides a docker commit command that can be used to build a new image of your current running Cantainer at any time.
View the current list of container
Command: Docker ps-a
ruidemacbook-pro:~ ruihuang$ Docker ps-a
CONTAINER ID IMAGE COMMAND STATUS
78bd49d9b73e Ubuntu "Bash" Exited (0) hours ago
Generate a new image from an Ubuntu container that contains the changes in this container
Command: Docker commit Container-id
ruidemacbook-pro:~ ruihuang$ Docker commit 78bd49d9b73e job2
sha256: E0c0d617d96cafedf008e3f276f35a2b95d15f1ed7535b58d19c8db8b18f8fb2
See if there's a new container now.
Command: Docker images
ruidemacbook-pro:~ ruihuang$ Docker images
REPOSITORY TAG IMAGE ID SIZE
job2 latest e0c0d617d96c 127.2 MB
job1 latest de714ebe3a54 1.093 MB
ubuntu latest F753707788c5 127.2 MB
busybox latest e02e811dd08f 1.093 MB
hello-world Latest C54A2CC56CBB 1.848 KB
See if this is a general understanding of the connection between Docker container and Docker images. A recap
Dcoker through a lot of so-called isolation, so that multiple Docker container share the same machine resources, but also isolated from each other (such as Container1 and container2 with a completely different hard disk space, network address, etc.), This makes Docker container the ideal development, test, and release environment for our projects. Very light weight, simple, easy to distribute and manage. This is the goal of Docker: Build, ship and Run any App, anywhere! next section
Below I will simply share the actual use of Docker now, and the concept of mircoservice ... Let us know about the impact of Docker on existing technologies and models