www.icesr.com
IT运维工程师的摇篮

docker学习笔记

核心概念

  • 镜像
    An image is a lightweight, stand-alone, executable package that includes everything needed to run a piece of software, including the code, a runtime, libraries, environment variables, and config files.
    做个类比,image很像kvm的虚拟机镜像qcow,里面包括软件APP、APP运行依赖的库、以及guest os等。
  • 容器
    A container is a runtime instance of an image—what the image becomes in memory when actually executed. It runs completely isolated from the host environment by default, only accessing host files and ports if configured to do so.
    Containers run apps natively on the host machine’s kernel. They have better performance characteristics than virtual machines that only get virtual access to host resources through a hypervisor. Containers can get native access, each one running in a discrete process, taking no more memory than any other executable.
    container概念理解起来比较简单,就是image运行起来的一个实例;和之前的kvm虚拟相比,更加轻量化(不包括OS,直接使用host的kernel以及物理资源等),也不存在敏感指令导致的陷入退出引发的系统开销,性能更佳;实际运行时,又通过namespace机制和host端运行环境完全隔离,安全机制高。
  • swarm
    A swarm is a group of machines that are running Docker and joined into a cluster. After that has happened, you continue to run the Docker commands you’re used to, but now they are executed on a cluster by a swarm manager. The machines in a swarm can be physical or virtual. After joining a swarm, they are referred to as nodes.
    可以理解为以集群模式把多个物理机或虚拟机组织起来运行docker服务,但对docker client并无须感知过多,只用在manager节点上运行docker服务即可。
  • 仓库
    a repository is a collection of images.
    自己开发的image可以放到仓库中去发布,销售,以及和别人共享;他人的成果我们也能直接拿来用,很像apple公司推出的app store的概念。

Docker Engine

docker engine
engine以CS架构运行,包含以下组件:
– server:在后台运行的daemon进程(dockerd命令),可以用来创建和管理Docker的对象,包括images,containers,networks,volumes
– Rest Api:提供CLI和server交互的接口,通过这些Api来告知server去做什么
– CLI:client端(docker命令)

Docker 架构

docker architecture
总结构CS模型,client和daemon可以运行在同一个host上,也可以连接client到远端的daemon上。

Registry

对应前面核心概念中的仓库,Registry用来存储images。当client执行docker pull或者docker run命令时,就会从配置好的Registry中去获取该命令依赖的image;对应的 docker push,会将本地的image放到Registry中。

Docker Objects

包括images,containers,services。这些对应的就是前面核心概念中介绍的,其中services类似swarm。

namespace

通过 6 种 namespace 从进程、网络、IPC、文件系统、UTS 和用户角度的隔离,一个 container 就可以对外展现出一个独立计算机的能力,并且不同 container 从 OS 层面实现了隔离。 然而不同 namespace 之间资源还是相互竞争的,仍然需要类似 ulimit 来管理每个 container 所能使用的资源 – cgroup。

安装

基于Ubuntu

<code>$ sudo apt<span class="hljs-attribute">-get</span> update

$ sudo apt<span class="hljs-attribute">-get</span> install <span class="hljs-subst">/</span>
    linux<span class="hljs-attribute">-image</span><span class="hljs-attribute">-extra</span><span class="hljs-subst">-</span>$(uname <span class="hljs-attribute">-r</span>) <span class="hljs-subst">/</span>
    linux<span class="hljs-attribute">-image</span><span class="hljs-attribute">-extra</span><span class="hljs-attribute">-virtual</span>

<span class="hljs-number">1</span>  uname <span class="hljs-attribute">-a</span>
<span class="hljs-number">2</span>  sudo apt<span class="hljs-attribute">-get</span> update
<span class="hljs-number">3</span>  sudo apt<span class="hljs-attribute">-get</span> install     linux<span class="hljs-attribute">-image</span><span class="hljs-attribute">-extra</span><span class="hljs-subst">-</span>$(uname <span class="hljs-attribute">-r</span>)     linux<span class="hljs-attribute">-image</span><span class="hljs-attribute">-extra</span><span class="hljs-attribute">-virtual</span>
<span class="hljs-number">4</span>  sudo apt<span class="hljs-attribute">-get</span> update
<span class="hljs-number">6</span>  curl <span class="hljs-attribute">-fsSL</span> https:<span class="hljs-comment">//download.docker.com/linux/ubuntu/gpg | sudo apt-key add -</span>
<span class="hljs-number">8</span>  sudo add<span class="hljs-attribute">-apt</span><span class="hljs-attribute">-repository</span>    <span class="hljs-string">"deb [arch=amd64] https://download.docker.com/linux/ubuntu /
$(lsb_release -cs) /
stable"</span>
<span class="hljs-number">9</span>  sudo apt<span class="hljs-attribute">-get</span> update
<span class="hljs-number">10</span>  sudo apt<span class="hljs-attribute">-get</span> install docker<span class="hljs-attribute">-ce</span>
<span class="hljs-number">11</span> sudo docker run hello<span class="hljs-attribute">-world</span>
</code>

使用

  • 添加运行权限
    运行docker命令时默认必须具有root权限,需要在运行docker命令前加sudo,或者采取如下步骤授予普通用户执行权限:
<code>    <span class="hljs-comment"># 如果还没有docker group就添加一个:</span>
    $ <span class="hljs-built_in">sudo</span> groupadd docker
    <span class="hljs-comment"># 将用户加入该group内。然后退出并重新登录即可生效。</span>
    $ <span class="hljs-built_in">sudo</span> gpasswd <span class="hljs-operator">-a</span> <span class="hljs-variable">${USER}</span> docker
    <span class="hljs-comment"># 重启docker</span>
    $ <span class="hljs-built_in">sudo</span> service docker restart</code>
  • 保存对容器的更改:
<code> <span class="hljs-built_in">sudo</span> docker container commit <span class="hljs-number">0</span>ab1e61f8821 mycon
 <span class="hljs-built_in">sudo</span> docker ps
 <span class="hljs-built_in">sudo</span> docker container ls
 <span class="hljs-built_in">sudo</span> docker images
 <span class="hljs-built_in">sudo</span> docker image rm mycon
 <span class="hljs-built_in">sudo</span> docker images
</code>
  • Search images
<code>$ <span class="hljs-built_in">sudo</span> docker search ubuntu</code>
  • Pull images
<code>$ <span class="hljs-built_in">sudo</span> docker pull ubuntu <span class="hljs-comment"># 获取 ubuntu 官方镜像 </span>
$ <span class="hljs-built_in">sudo</span> docker images <span class="hljs-comment"># 查看当前镜像列表</span></code>
  • Running an interactive shell
<code>$ sudo docker run <span class="hljs-attribute">-i</span> <span class="hljs-attribute">-t</span> ubuntu:<span class="hljs-number">14.04</span> /bin/bash
  ● docker run <span class="hljs-subst">-</span> 运行一个容器
  ● <span class="hljs-attribute">-t</span> <span class="hljs-subst">-</span> 分配一个(伪)tty (<span class="hljs-keyword">link</span> is external)
  ● <span class="hljs-attribute">-i</span> <span class="hljs-subst">-</span> 交互模式 (so we can interact <span class="hljs-keyword">with</span> it)
  ● ubuntu:<span class="hljs-number">14.04</span> <span class="hljs-subst">-</span> 使用 ubuntu 基础镜像 <span class="hljs-number">14.04</span>
  ● /bin/bash <span class="hljs-subst">-</span> 运行命令 bash shell
注: ubuntu 会有多个版本,通过指定 <span class="hljs-built_in">tag</span> 来启动特定的版本 <span class="hljs-preprocessor">[</span>image<span class="hljs-preprocessor">]</span><span class="hljs-markup">:</span><span class="hljs-preprocessor">[</span><span class="hljs-built_in">tag</span><span class="hljs-preprocessor">]</span><span class="hljs-markup">

$ sudo docker ps # 查看当前运行的容器, ps -a 列出当前系统所有的容器 CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES6c9129e9df10        ubuntu:14.04        /bin/bash 6 minutes ago       Up 6 minutes                            cranky_babbage</span></code>
  • 相关快捷键
<code>  ● 退出:Ctrl<span class="hljs-attribute">-Dorexit</span>
  ● detach:Ctrl<span class="hljs-attribute">-P</span> <span class="hljs-subst">+</span> Ctrl<span class="hljs-attribute">-Q</span>
  ● attach:docker attach CONTAINER<span class="hljs-attribute">-ID</span></code>
  • 列出容器
<code>    $ <span class="hljs-built_in">sudo</span> docker ps <span class="hljs-comment"># Lists only running containers</span>
    $ <span class="hljs-built_in">sudo</span> docker ps <span class="hljs-operator">-a</span> <span class="hljs-comment"># Lists all containers</span>
    $ <span class="hljs-built_in">sudo</span> docker ps <span class="hljs-operator">-l</span> <span class="hljs-comment"># List the last running container</span></code>
  • 控制容器
<code> <span class="hljs-comment"># 开始一个新的容器</span>
    <span class="hljs-variable">$ </span><span class="hljs-constant">JOB</span>=<span class="hljs-variable">$(</span>sudo docker run -d ubuntu /bin/sh -c <span class="hljs-string">"while true; do echo Hello world; sleep 1; done"</span>)

    <span class="hljs-comment"># 停止容器</span>
    <span class="hljs-variable">$ </span>docker stop <span class="hljs-variable">$JOB</span>

    <span class="hljs-comment"># 开始容器</span>
    <span class="hljs-variable">$ </span>docker start <span class="hljs-variable">$JOB</span>

    <span class="hljs-comment"># 重启容器</span>
    <span class="hljs-variable">$ </span>docker restart <span class="hljs-variable">$JOB</span>

    <span class="hljs-comment"># 杀死一个工作</span>
    <span class="hljs-variable">$ </span>docker kill <span class="hljs-variable">$JOB</span>

    <span class="hljs-comment"># 删除一个容器</span>
    <span class="hljs-variable">$ </span>docker stop <span class="hljs-variable">$JOB</span> <span class="hljs-comment"># Container must be stopped to remove it</span>
    <span class="hljs-variable">$ </span>docker rm <span class="hljs-variable">$JOB</span></code>
  • 删除docker image
<code>    <span class="hljs-comment"># 停止所有容器</span>
    <span class="hljs-variable">$ </span>docker stop <span class="hljs-variable">$(</span>docker ps -a -q)

    <span class="hljs-comment"># 删除指定镜像</span>
    <span class="hljs-variable">$ </span>docker rmi <span class="hljs-variable">$image</span>

    <span class="hljs-comment"># 删除无标示镜像,即id为&lt;None&gt;的镜像</span>
    <span class="hljs-variable">$ </span>docker rmi <span class="hljs-variable">$(</span>docker images | grep <span class="hljs-string">"^&lt;none&gt;"</span> | awk <span class="hljs-string">"{print $3}"</span>)

    <span class="hljs-comment"># 删除所有镜像</span>
    <span class="hljs-variable">$ </span>docker rmi <span class="hljs-variable">$(</span>docker images -q)</code>

在docker中运行命令

docker容器可以理解为在沙盒中运行的进程。这个沙盒包含了该进程运行所必须的资源,包括文件系统、系统类库、shell 环境等等。但这个沙盒默认是不会运行任何程序的。你需要在沙盒中运行一个进程来启动某一个容器。这个进程是该容器的唯一进程,所以当该进程结束的时候,容器也会完全的停止。

构建APP

三个层次(自上而下):
– Stack
A stack is a group of interrelated services that share dependencies, and can be orchestrated and scaled together. A single stack is capable of defining and coordinating the functionality of an entire application (though very complex applications may want to use multiple stacks).
– Service
Services are really just “containers in production.” A service only runs one image, but it codifies the way that image runs—what ports it should use, how many replicas of the container should run so the service has the capacity it needs, and so on. Scaling a service changes the number of container instances running that piece of software, assigning more computing resources to the service in the process.
– Container
配置dockerfile,built image

未经允许不得转载:冰点网络 » docker学习笔记

分享到:更多 ()

评论 抢沙发

评论前必须登录!