Play Docker Mirror

Source: Internet
Author: User
Keywords Docker mirroring
Tags address apache api application application developers applications apply for authentication

Foreword Docker is a container engine project based on lightweight virtualization technology open Source by Docker.inc company, which is based on go language development and complies with the Apache 2.0 protocol. With tiered mirroring standardization and kernel virtualization technology, Docker enables application developers and operational engineers to publish applications across platforms in a unified manner, and to provide resource-isolated applications running environments with little overhead. Due to the many new features and the openness of the project itself, Docker quickly gained the participation of many it vendors in less than two years, including industry leaders such as Google, Microsoft, and VMware. At the same time, Docker in the developer community is also a stone stirred the waves, many such as my code farmers began to pay attention to, learning and use of Docker, many enterprises, especially the Internet enterprises, is also increasing the investment in Docker, a great deal of a container revolution. Docker mirroring named resolution Mirrors is one of the core technologies of Docker, and it is also a standard format for application publishing. Whether you are using Docker pull image, or writing from image in Dockerfile, the Docker official registry download image should be one of the most frequent actions in the Docker operation. So what happens behind the scenes when we execute Docker pull image? Before answering this question, we need to understand how the next Docker image is named, and this is a more confusing concept in Docker: Registry,repository, Tag and image. The following is the output result of running Docker images on the local machine:


We can see that the "Ubuntu" mirror we used to say is not a mirror name, but rather a repository named Ubuntu, and underneath this repository there is a series of tag-tagged image,image marked as a GUID, It can also be referenced by Repository:tag for convenience.

So what is registry? Registry stores mirrored data and provides the ability to pull and upload mirrors. Mirrors in Registry are organized by repository, and each repository contains several images.

Registry contains one or more repositoryrepository containing one or more imageimage represented by a GUID, and one or more tags are associated with it. Where do you specify registry? Let's pull a more fully named Mirror:


Above I tried to pull an Ubuntu image and specify the private registry that registry built for me. The following is the code fragment for the pull command in the Docker CLI (cmdpull function in Docker/api/client/command.go)


At run time, the above taglessremote variable is passed into the localhost:5000/ubuntu. The code above attempts to parse the registry address from the Taglessremote variable, which in our case is localhost:5000.

Let's look back at the story behind this familiar pull command:


We followed the example code above to further enter the definition code fragment of the Analytic function Resolverepositoryname (docker/registry/registry.go)

We find that the Docker CLI determines whether the first part of the incoming taglessremote parameter contains '. ' or ': ' If it exists, think the first part is registry address, otherwise you will use the Docker official default registry (that is, Index.docker.io is actually a index Server here, And the difference between the registry left behind to delve into it, that is, the above code highlighted section. The story behind is not over, if you upload a mirror to Dockerhub, you should remember that you uploaded the mirror name format User-name/repository:tag so that user bob and user Alice can have the same name repository, The user name prefix is used as a namespace for isolation, such as Bob/ubuntu and Alice/ubuntu. The official mirror is distinguished by the username library, the specific code fragment is as follows (the Cmdpull function in Docker/api/client/command.go)

Let's go back and look at the logic of the Docker command line parsing tag (cmdpull function in Docker/api/client/command.go):


The code will try to find the ': ' tag in the image name entered by the user, and if not, use the default ' Defaulttag ', or ' latest '.

That is to say, in our example, the command is resolved as follows (note that the following command cannot be run directly because the Docker CLI does not allow the explicit designation of an official registry address)


Configuration registry Mirrordocker is so attractive, in addition to its innovative technology, the eco-circle around the official registry (Docker Hub) is also a very attractive place. On the Docker hub you can easily download a large number of already container-ready application mirrors, that is, pull-and-use. Some of these mirrors are Docker officially maintained, and more are shared by many developers spontaneously. And you can also bind your code managed system (currently support GitHub and BitBucket) in the Docker hub to automatically generate mirroring, so Docker hub will automatically generate corresponding Docker mirrors when you code updates, is it convenient?

Unfortunately, the Docker hub did not put the server in the country or use the domestic CDN, download a mirror 20 minutes at least, I wait for the code farmers can not afford so long, the boss is standing behind us to carry code. In order to overcome the trans-ocean network delay, there are generally two solutions: one is to use private registry, and the other is to use Registry Mirror, we start to chat.

The solution is to build or use the existing private registry, through regular and Docker hub sync popular mirrors, private registry save Some mirror copies, then you can through Docker pull private-registry.com/ User-name/ubuntu:latest, pull the mirror from this private registry. Because this scenario requires regular synchronization of the Docker hub mirror, it is better suited to use a relatively stable mirror, or a private mirror scenario. And the user needs to explicitly map the official mirror name to the private mirror name, and the private registry is more widely used in the enterprise interior scene. Private registry deployment is also very convenient, you can directly on the Docker hub download Registry mirror, that is, the specific deployment can refer to official documents.

Scenario Two is the use of registry Mirror, which is similar in principle to caching, if a mirror is hit in Mirror, it is returned directly to the client, or it is pulled from the registry that holds the mirror and automatically cached in Mirror. The coolest thing is whether the use of mirror is transparent to Docker users, that is, after configuring mirror, you can still enter Docker pull Ubuntu to pull the Docker hub image, in addition to speed, and no previous difference.

A more convenient way to butt Docker hub biosphere, the use of registry mirror naturally become my first choice. Next, I'll take a look at the process of Docker using mirror to pull the mirror. In the following example, I use the Registry mirror service provided by Daocloud, you will get a mirror address after you apply for the mirror service, and then all we have to do is configure this address in the Docker server startup script. The mirror configuration takes effect after restarting the Docker service (how to obtain the mirror service can refer to the appendix of this article)

The commands for configuring Docker Registry Mirror under Ubuntu are as follows:

sudo echo "docker_opts=\" \ $DOCKER _opts–registry-mirror=http://your-id.m.daocloud.io-d\ "" >>/etc/default /docker


sudo service docker restart

If you are using the Boot2docker, the configuration command is:

# enters Boot2docker Start Shell and executes


sudo su


echo "extra_args=\" –registry-mirror=http://your-id.m.daocloud.io\ "" >>/var/lib/boot2docker/profile


Exit


# restart Boot2docker

Configure a good registry mirror, you can pull Docker mirror image, after my test, the use of Daocloud mirror, pull a common mirror speed can reach about 1.5M, specific speed in your network environment may be slightly different.

Let's take a look at the process of Docker pulling the mirror after configuring the registry mirror. First is the CLI pull Mirror command snippet (cmdpull function in Docker/api/client/command.go)


First of all, the Docker CLI will attempt to obtain authorization, in our example will request authentication to HTTPS://INDEX.DOCKER.IO/V1, after authentication completes, the authentication server will return a corresponding token. Note that the user authentication is completely unrelated to the configured registry mirror, so we don't have to worry about using mirror security issues. The Docker CLI then invokes the Create mirroring command for Docker server (that is, the Docker daemon program), where Docker server performs a specific pull mirroring action, as follows (docker/graph/ Pull.go pullrepository function)


As you can see from the code, if you configure registry Mirror,docker server will first pull the mirror from the Mirror, if the Mirror pull fail will be followed by the registry drawn from the mirror specified. Everyone can be relieved, even if the configuration of the registry mirror failure, will not affect the user pull mirror, but speed ...

After the mirror is pulled down, you can run the container.


Appendix below I briefly introduce how to apply for a mirror service in Daocloud, first login Daocloud homepage


Click "Register Now", simply fill in the personal information, then login and automatically jump to the "console", follow the prompts to click the "Start your Accelerator" button.


After successful startup, you have a dedicated registry mirror address, the accelerator link is the address you want to set "--registry-mirror". At present, each user has 10G of accelerated traffic (Tips: If the flow is not enough to invite friends to get the reward flow, the more the invitation to more OH)


Finally, thanks to the domestic storage industry leader seven cattle cloud storage in storage and CDN to provide strong support, because there are like seven of the technology leader and enthusiastic to promote the Internet ecological development of the active participation of enterprises, we can provide developers with more quality services.

conclusion today we chatted with you. Docker how to parse mirroring and perform pull actions when drawing mirrors, and how to overcome network delay and speed up the pull process by setting registry mirror. The code involved is concentrated in the Docker CLI and Docker server, in many ways, such as how to respond to registry and how to link with the index Server, can only be left to the next time and detailed discussion.

Author Introduction

Sun Hongliang, Daocloud start-up team member, software engineer, Zhejiang University graduate student in computer science. During the study period active in PAAs and Docker open source community, Cloud Foundry has in-depth research and rich practice, good at the underlying platform code analysis, the architecture of the distributed platform has some experience, wrote a large number of in-depth technical blog. Joined the Daocloud team as a partner at the end of 2014, dedicated to disseminating Docker-oriented container technology and promoting the container of Internet applications.

If you need more information about Docker or technical documentation to access the Docker technology community, if you have more questions, please put it in the Dcoker Technical Forum and we will invite experts to answer. CSDN Docker Technology Exchange QQ Group: 303806405.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.