Docker is a new way to achieve a super lightweight virtual machine, in the implementation of the principle and application or VM has a huge difference, the professional name is the application container (application Container). (I personally prefer to call it a virtual machine)
1. Installation
1.1 Installing Docker on Ubuntu 14.04
Prerequisite Requirements:
Kernel version must be 3.10 or above
Follow these steps in sequence:
sudo apt-get update
sudo apt-get install Apt-transport-https ca-certificates
sudo apt-key adv--keyserver hkp:// p80.pool.sks-keyservers.net:80--recv-keys 58118e89f3a912897c070adbf76221572c52609d
Edit/etc/apt/ Sources.list.d/docker.list file, add Deb Https://apt.dockerproject.org/repo ubuntu-trusty main
sudo apt-get update
sudo apt-get purge lxc-docker
apt-cache policy docker-engine apt-get
upgrade
sudo apt-get install linux-image-extra-$ (uname-r) linux-image-extra-virtual
sudo apt-get install Docker-engine
The installation process is complete.
Run sudo service Docker start to start the Docker daemon.
Run Docker version to view Docker versions
root@devstack:/home/sammy# Docker--version
Docker version 1.12.1, build 23cf638
Start the first container:
Start the first Docker container Docker run Hello-world
root@devstack:/home/sammy# Docker run Hello-world
Hello from docker!
This message shows the your installation appears to be working correctly.
The success of its operation also indicates that the previous installation steps are running correctly.
Refer to the above content from Docker official website: https://docs.docker.com/engine/installation/linux/ubuntulinux/
1.2 Docker to the current (2016/09/16) version history
2. Basic operation of Docker
2.1 Docker Container State machine
A container may be in one of several states at some point:
- Created: has been created (can be listed using the Docker ps-a command) but has not been started (using the Docker PS command is not yet listed)
- Running: in operation
- Paused: The process of the container has been paused
- Restarting: The process of the container is being restarted
- Exited: The stopped state in the figure above indicates that the container has run before but is now stopped (to distinguish it from the created state, which is a newly created container that has not been run). You can get it back into the running state with the start command
- Destroyed: The container is removed and no longer exists.
You can view its detailed status in the output of the Docker inspect command:
' state ': {
' Status ': ' Running ',
' running ': true,
' paused ': false,
' restarting ': false,
' Oomkilled ": false,
" Dead ": false,
" Pid ": 4597,
" ExitCode ": 0,
" Error ":" ",
" Startedat ":" 2016-09-16t08:09:34.53403504z ",
" Finishedat ":" 2016-09-16t08:06:44.365106765z "
}
2.2 Docker Command Overview
We can classify the Docker order roughly as follows:
Mirroring operation: Build build an image from a dockerfile commit Create a new image from a container ' s changes images List images Load load an image from a tar archive or STDIN pull pull a-image or a repository from a registry push push an image Or a repository to a registry RMI Remove one or more images search the Docker Hub for images tag tag an image into a repository save one or more images to a tar archive (streamed to STDOUT by default) history show the history of a Mirror Insp ECT get the details of the mirror container and the lifecycle operations it applies to: create Create a new container (creating a container) kill kill one or more running Containers Insp
ECT return low-level information on a container, image or task pause pause all processes within one or more containers PS List containers rm Remove one or more containers (delete a container or more) Rename rename a container restart restart a containe R Run Run a command in a new container (create and start a container) start starting one or more stopped containers (start a container in a stopped state) stats Display a live stream of Container (s) Resource usage statistics (display container real time resource consumption information) stop stop one or more running containers (stop a container in the running state) top D Isplay the running processes of a container unpause unpause all processes within one or more Containers Update Update Co Nfiguration of one or more containers. Until a container stops, then print its exit code attach attach to a R unning container exec Run a command in a running container port List port mappings or a specific for the mapping Iner logs gets the container's log container file system operation: CP Copy files/folders between a container and the local filesystem diff Inspect Chan GES on a container ' s filesystem export export a container ' s filesystem as a tar archive import import the contents from
A tarball to create a filesystem image Docker registry operation: Login Log in to a Docker registry.
Logout Log out from a docker registry.
Volume Operation Volume Manage Docker volumes network Operation network Manage Docker networks Swarm related operations Swarm Manage Docker Swarm SerVice Manage Docker Services node Manage Docker Swarm nodes System operations: Version show the Docker version information Eve
NTS get real time events from the server (continuous return Docker event) info Display system-wide information (displays Docker host system-wide information)
Some of the more interesting commands:
(1) The life cycle of the container from birth to death
root@devstack:/home/sammy# Docker Create--name web31 training/webapp python app.py #创建名字为 web31 container 7465f4cb7c49555af329 29bd1bc4213f5e72643c0116450e495b71c7ec128502 root@devstack:/home/sammy# Docker Inspect--format= ' {{. State.status}} ' Web31 #其状态为 created created root@devstack:/home/sammy# Docker start web31 #启动容器 web31 root@devstack:/home /sammy# Docker Inspect--format= ' {{. State.status}} ' web31 #其状态为 running running root@devstack:/home/sammy# Docker pause web31 #暂停容器 web31 root@devstack:/home /sammy# Docker Inspect--format= ' {{. State.status}} ' Web31 paused root@devstack:/home/sammy# docker unpause web31 #继续容器 web31 root@devstack:/home/sammy# Docker Inspect--format= ' {{. State.status}} ' web31 running root@devstack:/home/sammy# docker rename Web31 newweb31 #重命名 root@devstack:/home/sammy# Docker Inspect--format= ' {{. State.status}} ' newweb31 running root@devstack:/home/sammy# Docker top newweb31 #在容器中运行 top command UID PID PPID C Stime TTY time CMD root 5009 4979 0, 16:28? 00:00:00 python app.py root@devstack:/home/sammy# docker logs newweb31 #获取容器的日志 * Running on Http://0.0.0.0:5000/(Pres S CTRL + to quit) root@devstack:/home/sammy# Docker stop Newweb31 #停止容器 newweb31 root@devstack:/home/sammy# Docker Inspect --format= ' {{. State.status}} ' Newweb31 exited root@devstack:/home/sammy# Docker rm newweb31 #删除容器 newweb31 root@devstack:/home/sammy# Docker Inspect--format= ' {{.
State.status}} ' newweb31 error:no such image, container or task:newweb31
(2) Docker stop and Docker kill
When the Docker Stop command executes, it sends the system signal sigterm to the process of PID 1 in the container, and then waits for the application in the container to terminate execution if the wait time reaches the set timeout (the default is 10 seconds, the user can specify a specific timeout length). will continue to send sigkill system signals to forcibly kill the process. The application in the container can choose to ignore and not process the sigterm signal, but once the timeout is reached, the program is forcibly killed by the system because the Sigkill signal is sent directly to the system kernel and the application has no chance to handle it.
For example, after running the Docker stop web5-t 20 command:
2016-09-16t16:01:18.206540853+08:00 container Kill b3256ef1400a7f6a6f242e377a77af5e25d3b12237c4ee7c2e9b31a5f6437868 (Image=training/webapp, NAME=WEB5, signal=15)
2016-09-16t16:01:38.212352224+08:00 container Kill b3256ef1400a7f6a6f242e377a77af5e25d3b12237c4ee7c2e9b31a5f6437868 (Image=training/webapp, NAME=WEB5, signal=9)
2016-09-16t16:01:38.235021315+08:00 container die b3256ef1400a7f6a6f242e377a77af5e25d3b12237c4ee7c2e9b31a5f6437868 (exitcode=137, Image=training/webapp, NAME=WEB5)
can see:
- First Docker the sigterm signal to the container (signal=15)
- Wait 20 seconds (01:18 to 01:38)
- Resend SIGKILL system signal (signal = 9)
- And the container was killed (die)
The Docker kill command emits a sigkill system signal to force the operation of the program in the container to be terminated. After running the Docker kill WEB5 command:
2016-09-16t16:06:44.351086471+08:00 container Kill b3256ef1400a7f6a6f242e377a77af5e25d3b12237c4ee7c2e9b31a5f6437868 (Image=training/webapp, NAME=WEB5, signal=9)
2016-09-16t16:06:44.365116100+08:00 container die b3256ef1400a7f6a6f242e377a77af5e25d3b12237c4ee7c2e9b31a5f6437868 (exitcode=137, Image=training/webapp, NAME=WEB5)
Visible directly emitted is the SIGKILL signal, the container was immediately killed.
(3) Use Docker CP to copy files or directories between host and container
root@devstack:/home/sammy# Docker cp/home/sammy/mydockerbuild/dockerfile web5:/webapp #从 host copy files to container
root@devstack:/home/sammy#
root@devstack:/home/sammy# Docker CP Web5:/webapp/dockerfile/home/sammy/dockerfile #从 container inside copy files to host
root@devstack:/home/sammy# ls/home/sammy
chroot devstack dockerfile mongodbdocker Mydockerbuild WebApp
(4) Docker Export and import
Docker Export: Package A container's file system as a compressed file
root@devstack:/home/sammy# Docker export Web5-o./web5
root@devstack:/home/sammy# ls
chroot devstack Dockerfile mongodbdocker mydockerbuild Web5 webapp
Docker import: Create a mirror from a compressed file
root@devstack:/home/sammy# Docker import web5 web5img-m "imported on 0916"
sha256 : 745bb258be0a69a517367667646148bb2f662565bb3d222b50c0c22e5274a926
root@devstack:/home/sammy# Docker History Web5img
IMAGE CREATED CREATED by SIZE COMMENT
745bb258be0a 6 seconds ago 324 MB imported on 0916
2.3 Docker Run command
The Docker Run command creates a container and starts it, and it also contains a number of parameters that are categorized by purpose as follows:
Cgroups and Namespace Related:--blkio-weight value block IO (relative weight), between and 1000--blkio-weight-device Value block IO weight (relative device weight) (default [])--cgroup-parent string Optional parent Cgroup for the Conta Iner--cpu-percent int CPU percent (Windows only)--cpu-period int Limit CPU CFS (completely Fair Scheduler) per IoD--cpu-quota int Limit CPU CFS (completely Fair Scheduler) quota-c,--cpu-shares int CPU shares (relative Wei ght)--cpuset-cpus string CPUs in which to allow execution (0-3, 0,1)--cpuset-mems string MEMS in which to allow Execution (0-3, 0,1)--device-read-bps value Limit Read rate (bytes per second) from a device (default [])--device-r Ead-iops value Limit Read rate (IO/second) from a device (default [])--device-write-bps value Limit Write rate (b Ytes per second) to a device (default [])--device-write-iops value Limit Write rate (IO/second) to a device (Defau LT [])--IPC string IPC namespace to Use-m,--memory string memory limit--memory-reservation string memory soft limit--memory-swa P string Swap limit equal to memory plus swap: ' 1 ' to enable unlimited Swap--memory-swappiness int tune container m Emory Swappiness (0 To) (default-1)--kernel-memory string kernel memory limit-u,--user string Username or UID (format: <name|uid>[:<group|gid>])--userns string User namespace to use--uts string UTS names Pace to Use-h,--hostname string Container host name--pid string PID namespace to use--pids-limit int Tu NE container PIDs limit (set-1 for unlimited)--isolation string container isolation technology--io-maxbandwidth s Tring Maximum IO Bandwidth limit for the system drive (Windows only)--io-maxiops uint the IOps Maximum for the Sy Stem Drive (Windows only) Linux process capabilities related parameters:--cap-add value add Linux capabilities (default [])- -cap-drop Value DropLinux capabilities (default []) container run mode and environment Related:-D,--detach run container in background and print container id-e, --env Value Set Environment variables (default [])--env-file value Read in a file of environment variables (def Ault []) DNS Related:--dns value set custom DNS servers (default [])--dns-opt Value set DNS options (default [] )--dns-search value Set custom DNS search domains (default []) health Check Related:--health-cmd string Command to run to C Heck health--health-interval duration time between running the check--health-retries int consecutive failures need Ed to the unhealthy--health-timeout duration Maximum time to allow one check to run--no-healthcheck Disable a NY container-specified Healthcheck IP and port:--ip string container IPv4 address (e.g. 172.30.100.104)--IP6 Stri ng Container IPv6 address (e.g. 2001:db8::33)-p,--publish value publish a Container ' s port (s) to the host (Defau LT [])-P,--publish-alL Publish all exposed ports to random ports--expose value expose a port or a range of ports (default [])--mac -address string Container MAC address (e.g. 92:d0:c6:0a:29:33)--add-host value add a custom Host-to-ip mapping (ho ST:IP) (default []) Volume Related:-V,--volume value Bind mount a Volume (default [])--volume-driver string optio
NAL volume driver for the container--volumes-from value Mount volumes from the specified container (s) (default []) --storage-opt Value Storage driver options for the container (default []) network:--network string Connect A Container to a network (default "default")--network-alias value Add network-scoped alias for the container (default [])--link value ADD link to another container (default [])--link-local-ip value container Ipv4/ipv6 link-local Addresses (default []) log:--log-driver string Logging driver for the container--log-opt value log Driver
Options (default [])Interactivity Related:-A,--attach value attach to stdin, STDOUT or STDERR (default [])-I,--interactive Keep STDIN Open even I F not attached OOM:--oom-kill-disable disable OOM killer--oom-score-adj int tune host ' s OOM preferences ( -1000 to 1000) other (to be further classified):--cidfile string Write the container ID to the file--detach-keys string Override The key sequence for detaching a container--device value ADD a host device to the container (default [])--disable -content-trust Skip Image Verification (default true)--entrypoint string Overwrite The default entrypoint of the IMA GE--group-add Value add additional groups to join (default [])--help Print usage-l,--label value Set Meta data on a container (default [])--label-file value Read in a line delimited file of labels (default [])--name String Assign a name to the container--privileged give extended privileges to this container Mount the container ' s ROot filesystem as Read only--restart string restart policy to apply when a container exits (default "no")--rm Automatically remove the container when it exits--runtime string runtime to use for this container--security-o PT value Security Options (default [])--shm-size string size Of/dev/shm, the default value is 64MB--sig-proxy Proxy received signals to the process (default true)--stop-signal string signal to stop a container, sigterm by Defau LT (default "Sigterm")--sysctl value sysctl options (default map[])--tmpfs value Mount a tmpfs directory (def Ault [])-T,--tty Allocate a pseudo-tty--ulimit value ulimit options (default [])-W,--workdir string W
Orking directory inside the container
The specific content will be analyzed in a special document later.
3. Basic structure of Doker platform
The Docker platform is basically composed of three parts:
- Clients: Users use the tools provided by Docker (CLI and APIs, etc.) to build, upload mirrors and publish commands to create and launch containers
- Docker host: Download mirror from Docker registry and start container
- Docker Registry:docker mirrored warehouse for storing mirrors and providing mirrored uploads and downloads
The following article will be specific analysis.
The above is the entire content of this article, I hope to help you learn, but also hope that we support the cloud habitat community.