Basic overview of docker container
1. What is a docker container
A container is a process running in an isolated environment. If the process stops, the container will be destroyed. The isolated environment has its own file system, IP address, host name, etc.
2. The difference between containers and virtualization
The difference between Linux container technology and KVM virtualization:
Containers consume fewer resources, are lighter and perform better, but they can only run in a Linux environment.
KVM virtualization:
Needs support from the hardware environment and has to simulate hardware. It can run different operating systems. Start-up time is measured in minutes (start-up process: BIOS power-on self-test, boot according to the boot priority set in the BIOS, MBR boot, load the Linux kernel, start the first process).
Container virtualization:
No need for hardware support and no need to simulate hardware. Containers share the host kernel. Start-up time is measured in seconds (there is no boot process; starting a container is like running a Linux command).
KVM solves the dependency between hardware and operating system.
A KVM guest has its own independent virtual disk and an XML configuration file.
Docker solves the dependency between software and the operating system environment, so that independent services or applications get the same results in different environments.
A Docker image has its own file system and shares the physical machine's disk space.
A Docker container is a lightweight, portable and self-contained software packaging technology that allows applications to run in the same way almost anywhere. Containers that developers create and test on their laptops can run, without any modification, on a virtual machine in a production system.
To sum up:
1) Containers use the same kernel as the host, with low performance loss
2) No instruction-level simulation is required
3) The container can run instructions natively on the CPU core without any special interpretation mechanism
4) Avoids the complexity of call replacement between virtualization and the system
5) Lightweight isolation: resources are shared between container and host while they remain isolated
3. The development process of container technology
3.1.chroot technology
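chroot creates a new subsystem under a directory of the host, with its own complete set of system files. It only changes the root directory that the process sees; processes, network and users are still shared with the host.
A simple chroot demonstration:
1. Download a Fedora root file system archive to use as the new root
https://mirrors.tuna.tsinghua.edu.cn/lxc-images/images/fedora/32/amd64/default/20200613_20%3A33/rootfs.tar.xz
[root@nfs ~]# mkdir fedora
[root@nfs ~]# tar xf rootfs.tar.xz -C fedora/
[root@nfs ~]# chroot fedora/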
3.2.Linux container lxc
Linux containers (lxc) are built on namespaces (environment isolation) and cgroups (resource limits).
Namespace: a namespace plays a classifying role. For example, when multiple scripts are used together, the same function name may exist in more than one of them. A namespace can then be used to tell them apart, such as name1.aa() and name2.aa(), where name1 and name2 are the namespaces. Linux namespaces apply the same idea to kernel resources such as process IDs, host names, mount points and network interfaces, so each container sees its own set.
cgroups: limit the resources that a process can use, such as memory, CPU and disk I/O.
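As an added example (not part of the original article), the script below shows what namespace isolation looks like from the host: every entry under /proc/<pid>/ns is a symlink naming one namespace, and two processes share a namespace only when those link targets match. The function names and the sample directories are hypothetical and constructed for illustration.

```bash
# Added example, not from the original article.
# Each entry under /proc/<pid>/ns is a symlink such as "uts:[4026531838]".
# Two processes share a namespace only when the link targets are identical.

# ns_compare HOST_NS_DIR TARGET_NS_DIR  (hypothetical helper)
# Prints "<type> shared" or "<type> isolated" for every namespace type.
ns_compare() {
    local host_dir="$1" target_dir="$2" entry name host_id target_id
    for entry in "$target_dir"/*; do
        [ -L "$entry" ] || continue
        name=${entry##*/}
        target_id=$(readlink "$entry")
        # A namespace type missing on the host side counts as isolated.
        host_id=$(readlink "$host_dir/$name" 2>/dev/null) || host_id=""
        if [ -n "$host_id" ] && [ "$host_id" = "$target_id" ]; then
            echo "$name shared"
        else
            echo "$name isolated"
        fi
    done
}

# ns_shared_count HOST_NS_DIR TARGET_NS_DIR
# Number of namespaces the target still shares with the host.
ns_shared_count() {
    ns_compare "$1" "$2" | grep -c ' shared$' || true
}

# make_sample DIR
# Constructed sample data: fake ns directories for a host process and for a
# container process that has its own ipc, mnt, net, pid and uts namespaces
# but still shares the user namespace with the host.
make_sample() {
    local root="$1" t
    mkdir -p "$root/host" "$root/ct"
    for t in ipc mnt net pid user uts; do
        ln -sf "$t:[4026531000]" "$root/host/$t"
        ln -sf "$t:[4026532000]" "$root/ct/$t"
    done
    ln -sf "user:[4026531000]" "$root/ct/user"
}
```

On a real host, run `ns_compare /proc/1/ns /proc/<pid>/ns` as root, where `<pid>` is a process inside the container; any namespace reported as shared is not isolated from the host.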
3.2.1 Install lxc
[root@ansible ~]# yum -y install lxc*
[root@ansible ~]# yum -y install libcgroup*
[root@ansible ~]# yum -y install bridge-utils*
3.2.2. Configure lxc network environment
Bridge the network card
[root@ansible ~]# echo 'TYPE=Ethernet
BOOTPROTO=none
NAME=eth0
DEVICE=eth0
ONBOOT=yes
BRIDGE=virbr0' > /etc/sysconfig/network-scripts/ifcfg-ens33
[root@ansible ~]# echo 'TYPE=Bridge
BOOTPROTO=static
NAME=virbr0
DEVICE=virbr0
ONBOOT=yes
IPADDR=192.168.81.210
NETMASK=255.255.255.0
GATEWAY=192.168.81.2
DNS1=192.168.81.2' > /etc/sysconfig/network-scripts/ifcfg-virbr0
3.2.3. Start lxc
[root@ansible ~]# systemctl start cgconfig
[root@ansible ~]# systemctl start lxc
3.2.4. Install lxc container
The first way
[root@ansible ~]# lxc-create -t download -n centos6 -- --server mirrors.tuna.tsinghua.edu.cn/lxc-images -d centos -r 7 -a amd64
Parameter explanation
-t specifies the template
-n container name
--server container source
-d operating system type
-r operating system version
-a operating system architecture
You can also leave out the -d, -r and -a parameters and enter the values interactively
[root@ansible ~]# lxc-create -t download -n centos6 -- --server mirrors.tuna.tsinghua.edu.cn/lxc-images
Distribution: centos
Release: 7
Architecture: amd64
The second way
[root@ansible ~]# lxc-create -t centos -n centos-test
This installs the same operating system as the current host directly, using a minimal installation by default
3.2.5. Use lxc container
1) View the installed container
The container is installed in the /var/lib/lxc directory by default
[root@ansible ~]# ls /var/lib/lxc/
centos6 centos-test my-container
2) Modify password
[root@ansible ~]# chroot /var/lib/lxc/centos6/rootfs/ passwd
Change the password of user root.
New password:
Invalid password: password is less than 8 characters
Re-enter the new password:
passwd: All authentication tokens have been successfully updated.
3) Start the container
[root@ansible ~]# lxc-start -n centos6
4) Start in the background
[root@ansible ~]# lxc-start -d -n centos6
5) Connect via attach
[root@ansible ~]# lxc-attach -n centos6
[root@centos ~]#
6) Clone a container
[root@ansible ~]# lxc-clone -o centos7 -n centos7_kl
[root@ansible ~]# ls /var/lib/lxc/
centos centos6 centos7 centos7_kl my-container